git.somdevices.com Git - linux.git/commit

author	Florian Westphal <fw@strlen.de>
	Thu, 15 Nov 2018 01:51:57 +0000 (02:51 +0100)
committer	Steffen Klassert <steffen.klassert@secunet.com>
	Thu, 15 Nov 2018 17:09:32 +0000 (18:09 +0100)
commit	39aa6928d462d0f4fd809ff8109f98f24843b28b
tree	e58bec675ba6e0caea552e59fd952e17b70c4b57	tree \| snapshot
parent	7759d6a837edf3e2cc627d3bd7167c6fec637d64	commit \| diff

xfrm: policy: fix netlink/pf_key policy lookups

Colin Ian King says:
Static analysis with CoverityScan found a potential issue [..]
It seems that pointer pol is set to NULL and then a check to see if it
is non-null is used to set pol to tmp; howeverm this check is always
going to be false because pol is always NULL.

Fix this and update test script to catch this. Updated script only:
./xfrm_policy.sh ; echo $?
RTNETLINK answers: No such file or directory
FAIL: ip -net ns3 xfrm policy get src 10.0.1.0/24 dst 10.0.2.0/24 dir out
RTNETLINK answers: No such file or directory
[..]
PASS: policy before exception matches
PASS: ping to .254 bypassed ipsec tunnel
PASS: direct policy matches
PASS: policy matches
1

Fixes: 6be3b0db6db ("xfrm: policy: add inexact policy search tree infrastructure")
Reported-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

net/xfrm/xfrm_policy.c		diff \| blob \| history
tools/testing/selftests/net/xfrm_policy.sh		diff \| blob \| history