crypto: bails out early for unsupported key type

Do not access data structures based on uninitialized key->alg.

Type: fix
Fixes: f539578bac8b64886b57c460c9d74273e6613f8b

Change-Id: I6bfb7e7a51af2c131b8bdf3bca6a38fcf1094760
Signed-off-by: Benoît Ganne <bganne@cisco.com>

1 files changed, 4 insertions, 4 deletions

diff --git a/src/plugins/crypto_ipsecmb/ipsecmb.c b/src/plugins/crypto_ipsecmb/ipsecmb.c
index 3c5495a9091..0501dcccb08 100644
--- a/src/plugins/crypto_ipsecmb/ipsecmb.c
+++ b/src/plugins/crypto_ipsecmb/ipsecmb.c
@@ -436,6 +436,10 @@ crypto_ipsecmb_key_handler (vlib_main_t * vm, vnet_crypto_key_op_t kop,
   u32 i;
   void *kd;
 
+  /** TODO: add linked alg support **/
+  if (key->type == VNET_CRYPTO_KEY_TYPE_LINK)
+    return;
+
   if (kop == VNET_CRYPTO_KEY_OP_DEL)
     {
       if (idx >= vec_len (imbm->key_data))
@@ -459,10 +463,6 @@ crypto_ipsecmb_key_handler (vlib_main_t * vm, vnet_crypto_key_op_t kop,
       clib_mem_free_s (imbm->key_data[idx]);
     }
 
-  /** TODO: add linked alg support **/
-  if (key->type == VNET_CRYPTO_KEY_TYPE_LINK)
-    return;
-
   kd = imbm->key_data[idx] = clib_mem_alloc_aligned (ad->data_size,
 						     CLIB_CACHE_LINE_BYTES);