authorBenoît Ganne <bganne@cisco.com>2019-10-29 11:13:05 +0100
committerAndrew Yourtchenko <ayourtch@gmail.com>2019-11-05 10:44:44 +0000
commite7ac6d0250664f278e7aa5a483f413bda0432def (patch)
tree3824999c0a5f64f24b38508263cff34711e05699 /src/vnet/ipsec/ipsec_tun_in.c
parente04a58d27bac8f97bda85a7684b7bb68682341cc (diff)
ipsec: fix esp trace seq number overflow
Do not copy invalid seq number if packet is too small. Type: fix Change-Id: I1e78f5920e9645521f57efccaf35bbf9ce0676a8 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit c520fe7ab9db6fa60f9e69be990dd5c83eb40522)
Diffstat (limited to 'src/vnet/ipsec/ipsec_tun_in.c')
-rw-r--r--src/vnet/ipsec/ipsec_tun_in.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/vnet/ipsec/ipsec_tun_in.c b/src/vnet/ipsec/ipsec_tun_in.c
index 04f7a9296ab..d88cc08ddbd 100644
--- a/src/vnet/ipsec/ipsec_tun_in.c
+++ b/src/vnet/ipsec/ipsec_tun_in.c
@@ -376,7 +376,9 @@ ipsec_tun_protect_input_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
else
clib_memcpy (&tr->key4, &key40, sizeof (tr->key4));
tr->is_ip6 = is_ip6;
- tr->seq = clib_host_to_net_u32 (esp0->seq);
+ tr->seq =
+ len0 >=
+ sizeof (*esp0) ? clib_host_to_net_u32 (esp0->seq) : ~0;
}
}
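Review bot: The new guard `len0 >= sizeof (*esp0)` only protects the read of `esp0->seq` if `len0` counts the bytes actually present at `esp0`. `len0` is assigned outside this hunk, so that cannot be confirmed here; if it is a total length that includes the outer IP header, or comes from a header length field rather than the buffer's data length, a truncated packet would still pass the check. A comment above the assignment would pin the intent, e.g. `/* len0 must be the bytes available at esp0; ~0 in the trace marks a truncated ESP header */`. Note also that `~0` is itself a valid ESP sequence number, so the trace cannot tell a short packet from a real 0xffffffff; a separate flag in the trace record would remove that ambiguity. The enclosing function ipsec_tun_protect_input_inline starts and ends outside the hunk.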