mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-12 09:58:36 +00:00
Code Issues Releases Activity

Fix possible double releasing for SA reference.

Browse Source 
This is missing part of r318734. When crypto subsystem returns error
the xform code handles an error independently.

PR:		221849
MFC after:	5 days
This commit is contained in:
Andrey V. Elsukov 2017-09-01 11:51:07 +00:00
parent 08dc78166d
commit 6f9e437bdc
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=323086
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/netipsec/udpencap.c
View File

@ -120,7 +120,7 @@ udp_ipsec_input(struct mbuf *m, int off, int af)
struct udphdr *udp;
struct ip *ip;
uint32_t spi;
int error, hlen;
int hlen;
/*
* Just return if packet doesn't have enough data.
@ -205,10 +205,7 @@ udp_ipsec_input(struct mbuf *m, int off, int af)
* will do this anyway, so don't touch them here.
*/
ESPSTAT_INC(esps_input);
error = (*sav->tdb_xform->xf_input)(m, sav, hlen, off);
if (error != 0)
key_freesav(&sav);
(*sav->tdb_xform->xf_input)(m, sav, hlen, off);
return (EINPROGRESS); /* Consumed by IPsec. */
}