mirror of
https://github.com/freebsd/freebsd-src.git
synced 2024-11-27 09:12:44 +00:00
ipsec esp: avoid dereferencing freed secasindex
(cherry picked from commit 1a56620b79
)
This commit is contained in:
parent
ee1e748d21
commit
bf58a77ae1
@ -500,6 +500,13 @@ esp_input_cb(struct cryptop *crp)
|
||||
xd = crp->crp_opaque;
|
||||
CURVNET_SET(xd->vnet);
|
||||
sav = xd->sav;
|
||||
if (sav->state >= SADB_SASTATE_DEAD) {
|
||||
/* saidx is freed */
|
||||
DPRINTF(("%s: dead SA %p spi %#x\n", __func__, sav, sav->spi));
|
||||
ESPSTAT_INC(esps_notdb);
|
||||
error = ESRCH;
|
||||
goto bad;
|
||||
}
|
||||
skip = xd->skip;
|
||||
protoff = xd->protoff;
|
||||
cryptoid = xd->cryptoid;
|
||||
|
Loading…
Reference in New Issue
Block a user