summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKlement Sekera <ksekera@cisco.com>2018-05-11 12:59:05 +0200
committerDamjan Marion <dmarion.lists@gmail.com>2018-05-11 20:07:51 +0000
commitea84130632178e95ff87446e2b7aca14e37c079a (patch)
tree868afc232755dd30c3158cadc7b78db0d43bf8aa
parent29ba40e9cf07c26b5063d30ead015d723cd8c3a8 (diff)
VPP-1275 Fix memory leaks in IPsec CLI
Change-Id: I1f7c634328f25b33580a215af2daeb498cd3b181 Signed-off-by: Klement Sekera <ksekera@cisco.com>
Diffstat
-rw-r--r--src/vnet/ipsec/ipsec_cli.c137
-rw-r--r--src/vppinfra/std-formats.c2
2 files changed, 84 insertions, 55 deletions
diff --git a/src/vnet/ipsec/ipsec_cli.c b/src/vnet/ipsec/ipsec_cli.c
index 238ef9774e1..84c57b2adb7 100644
--- a/src/vnet/ipsec/ipsec_cli.c
+++ b/src/vnet/ipsec/ipsec_cli.c
@@ -447,6 +447,8 @@ show_ipsec_command_fn (vlib_main_t * vm,
u32 *i;
ipsec_tunnel_if_t *t;
vnet_hw_interface_t *hi;
+ u8 *protocol = NULL;
+ u8 *policy = NULL;
/* *INDENT-OFF* */
pool_foreach (sa, im->sad, ({
@@ -485,15 +487,20 @@ show_ipsec_command_fn (vlib_main_t * vm,
vec_foreach(i, spd->ipv4_outbound_policies)
{
p = pool_elt_at_index(spd->policies, *i);
- vlib_cli_output(vm, " priority %d action %U protocol %s%s",
- p->priority,
- format_ipsec_policy_action, p->policy,
- p->protocol ?
- format(0, "%U", format_ip_protocol, p->protocol) :
- (u8 *) "any",
- p->policy == IPSEC_POLICY_ACTION_PROTECT ?
- format(0, " sa %u", p->sa_id) :
- (u8 *) "");
+ vec_reset_length(protocol);
+ vec_reset_length(policy);
+ if (p->protocol) {
+ protocol = format(protocol, "%U", format_ip_protocol, p->protocol);
+ } else {
+ protocol = format(protocol, "any");
+ }
+ if (p->policy == IPSEC_POLICY_ACTION_PROTECT) {
+ policy = format(policy, " sa %u", p->sa_id);
+ }
+
+ vlib_cli_output(vm, " priority %d action %U protocol %v%v",
+ p->priority, format_ipsec_policy_action, p->policy,
+ protocol, policy);
vlib_cli_output(vm, " local addr range %U - %U port range %u - %u",
format_ip4_address, &p->laddr.start.ip4,
format_ip4_address, &p->laddr.stop.ip4,
@@ -508,15 +515,19 @@ show_ipsec_command_fn (vlib_main_t * vm,
vec_foreach(i, spd->ipv6_outbound_policies)
{
p = pool_elt_at_index(spd->policies, *i);
- vlib_cli_output(vm, " priority %d action %U protocol %s%s",
- p->priority,
- format_ipsec_policy_action, p->policy,
- p->protocol ?
- format(0, "%U", format_ip_protocol, p->protocol) :
- (u8 *) "any",
- p->policy == IPSEC_POLICY_ACTION_PROTECT ?
- format(0, " sa %u", p->sa_id) :
- (u8 *) "");
+ vec_reset_length(protocol);
+ vec_reset_length(policy);
+ if (p->protocol) {
+ protocol = format(protocol, "%U", format_ip_protocol, p->protocol);
+ } else {
+ protocol = format(protocol, "any");
+ }
+ if (p->policy == IPSEC_POLICY_ACTION_PROTECT) {
+ policy = format(policy, " sa %u", p->sa_id);
+ }
+ vlib_cli_output(vm, " priority %d action %U protocol %v%v",
+ p->priority, format_ipsec_policy_action, p->policy,
+ protocol, policy);
vlib_cli_output(vm, " local addr range %U - %U port range %u - %u",
format_ip6_address, &p->laddr.start.ip6,
format_ip6_address, &p->laddr.stop.ip6,
@@ -532,15 +543,19 @@ show_ipsec_command_fn (vlib_main_t * vm,
vec_foreach(i, spd->ipv4_inbound_protect_policy_indices)
{
p = pool_elt_at_index(spd->policies, *i);
- vlib_cli_output(vm, " priority %d action %U protocol %s%s",
- p->priority,
- format_ipsec_policy_action, p->policy,
- p->protocol ?
- format(0, "%U", format_ip_protocol, p->protocol) :
- (u8 *) "any",
- p->policy == IPSEC_POLICY_ACTION_PROTECT ?
- format(0, " sa %u", p->sa_id) :
- (u8 *) "");
+ vec_reset_length(protocol);
+ vec_reset_length(policy);
+ if (p->protocol) {
+ protocol = format(protocol, "%U", format_ip_protocol, p->protocol);
+ } else {
+ protocol = format(protocol, "any");
+ }
+ if (p->policy == IPSEC_POLICY_ACTION_PROTECT) {
+ policy = format(policy, " sa %u", p->sa_id);
+ }
+ vlib_cli_output(vm, " priority %d action %U protocol %v%v",
+ p->priority, format_ipsec_policy_action, p->policy,
+ protocol, policy);
vlib_cli_output(vm, " local addr range %U - %U port range %u - %u",
format_ip4_address, &p->laddr.start.ip4,
format_ip4_address, &p->laddr.stop.ip4,
@@ -555,15 +570,19 @@ show_ipsec_command_fn (vlib_main_t * vm,
vec_foreach(i, spd->ipv4_inbound_policy_discard_and_bypass_indices)
{
p = pool_elt_at_index(spd->policies, *i);
- vlib_cli_output(vm, " priority %d action %U protocol %s%s",
- p->priority,
- format_ipsec_policy_action, p->policy,
- p->protocol ?
- format(0, "%U", format_ip_protocol, p->protocol) :
- (u8 *) "any",
- p->policy == IPSEC_POLICY_ACTION_PROTECT ?
- format(0, " sa %u", p->sa_id) :
- (u8 *) "");
+ vec_reset_length(protocol);
+ vec_reset_length(policy);
+ if (p->protocol) {
+ protocol = format(protocol, "%U", format_ip_protocol, p->protocol);
+ } else {
+ protocol = format(protocol, "any");
+ }
+ if (p->policy == IPSEC_POLICY_ACTION_PROTECT) {
+ policy = format(policy, " sa %u", p->sa_id);
+ }
+ vlib_cli_output(vm, " priority %d action %U protocol %v%v",
+ p->priority, format_ipsec_policy_action, p->policy,
+ protocol, policy);
vlib_cli_output(vm, " local addr range %U - %U port range %u - %u",
format_ip4_address, &p->laddr.start.ip4,
format_ip4_address, &p->laddr.stop.ip4,
@@ -578,15 +597,19 @@ show_ipsec_command_fn (vlib_main_t * vm,
vec_foreach(i, spd->ipv6_inbound_protect_policy_indices)
{
p = pool_elt_at_index(spd->policies, *i);
- vlib_cli_output(vm, " priority %d action %U protocol %s%s",
- p->priority,
- format_ipsec_policy_action, p->policy,
- p->protocol ?
- format(0, "%U", format_ip_protocol, p->protocol) :
- (u8 *) "any",
- p->policy == IPSEC_POLICY_ACTION_PROTECT ?
- format(0, " sa %u", p->sa_id) :
- (u8 *) "");
+ vec_reset_length(protocol);
+ vec_reset_length(policy);
+ if (p->protocol) {
+ protocol = format(protocol, "%U", format_ip_protocol, p->protocol);
+ } else {
+ protocol = format(protocol, "any");
+ }
+ if (p->policy == IPSEC_POLICY_ACTION_PROTECT) {
+ policy = format(policy, " sa %u", p->sa_id);
+ }
+ vlib_cli_output(vm, " priority %d action %U protocol %v%v",
+ p->priority, format_ipsec_policy_action, p->policy,
+ protocol, policy);
vlib_cli_output(vm, " local addr range %U - %U port range %u - %u",
format_ip6_address, &p->laddr.start.ip6,
format_ip6_address, &p->laddr.stop.ip6,
@@ -601,15 +624,19 @@ show_ipsec_command_fn (vlib_main_t * vm,
vec_foreach(i, spd->ipv6_inbound_policy_discard_and_bypass_indices)
{
p = pool_elt_at_index(spd->policies, *i);
- vlib_cli_output(vm, " priority %d action %U protocol %s%s",
- p->priority,
- format_ipsec_policy_action, p->policy,
- p->protocol ?
- format(0, "%U", format_ip_protocol, p->protocol) :
- (u8 *) "any",
- p->policy == IPSEC_POLICY_ACTION_PROTECT ?
- format(0, " sa %u", p->sa_id) :
- (u8 *) "");
+ vec_reset_length(protocol);
+ vec_reset_length(policy);
+ if (p->protocol) {
+ protocol = format(protocol, "%U", format_ip_protocol, p->protocol);
+ } else {
+ protocol = format(protocol, "any");
+ }
+ if (p->policy == IPSEC_POLICY_ACTION_PROTECT) {
+ policy = format(policy, " sa %u", p->sa_id);
+ }
+ vlib_cli_output(vm, " priority %d action %U protocol %v%v",
+ p->priority, format_ipsec_policy_action, p->policy,
+ protocol, policy);
vlib_cli_output(vm, " local addr range %U - %U port range %u - %u",
format_ip6_address, &p->laddr.start.ip6,
format_ip6_address, &p->laddr.stop.ip6,
@@ -656,6 +683,8 @@ show_ipsec_command_fn (vlib_main_t * vm,
format_ipsec_integ_alg, sa->integ_alg,
format_hex_bytes, sa->integ_key, sa->integ_key_len);
}));
+ vec_free(policy);
+ vec_free(protocol);
/* *INDENT-ON* */
return 0;
}
diff --git a/src/vppinfra/std-formats.c b/src/vppinfra/std-formats.c
index 832dbb557f7..da3c54cc07e 100644
--- a/src/vppinfra/std-formats.c
+++ b/src/vppinfra/std-formats.c
@@ -253,7 +253,7 @@ unformat_memory_size (unformat_input_t * input, va_list * va)
}
/* Format c identifier: e.g. a_name -> "a name".
- Words for both vector names and null terminated c strings. */
+ Works for both vector names and null terminated c strings. */
u8 *
format_c_identifier (u8 * s, va_list * va)
{