From b862f1dd52b0f5318d67b4463be90562e57f8278 Mon Sep 17 00:00:00 2001
From: Alexander Chernavin <achernavin@netgate.com>
Date: Thu, 27 May 2021 10:05:17 -0400
Subject: nat: fix crash when translate unknown proto packets

Type: fix

Currently, there might be a crash in NAT ED mode:
 * if a session for an unknown proto packet cannot be created in2out,
 * if a session for an unknown proto packet cannot be found out2in.

With this change, translate packets only if a session is given in NAT
ED mode.

Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Iafb332db1ae9a3e76435964ad636037d1b8a51e8
---
 src/plugins/nat/nat44-ed/nat44_ed_in2out.c | 7 ++++---
 src/plugins/nat/nat44-ed/nat44_ed_out2in.c | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/plugins/nat/nat44-ed/nat44_ed_in2out.c b/src/plugins/nat/nat44-ed/nat44_ed_in2out.c
index 85cda76db39..f3f3ffa13b0 100644
--- a/src/plugins/nat/nat44-ed/nat44_ed_in2out.c
+++ b/src/plugins/nat/nat44-ed/nat44_ed_in2out.c
@@ -1329,9 +1329,10 @@ nat44_ed_in2out_slow_path_node_fn_inline (vlib_main_t *vm,
 	  if (!s0)
 	    next[0] = NAT_NEXT_DROP;
 
-	  if (NAT_ED_TRNSL_ERR_SUCCESS !=
-	      (translation_error = nat_6t_flow_buf_translate (
-		 sm, b0, ip0, &s0->i2o, proto0, is_output_feature)))
+	  if (NAT_NEXT_DROP != next[0] && s0 &&
+	      NAT_ED_TRNSL_ERR_SUCCESS !=
+		(translation_error = nat_6t_flow_buf_translate (
+		   sm, b0, ip0, &s0->i2o, proto0, is_output_feature)))
 	    {
 	      goto trace0;
 	    }
diff --git a/src/plugins/nat/nat44-ed/nat44_ed_out2in.c b/src/plugins/nat/nat44-ed/nat44_ed_out2in.c
index 039d46406d1..f14311a99e1 100644
--- a/src/plugins/nat/nat44-ed/nat44_ed_out2in.c
+++ b/src/plugins/nat/nat44-ed/nat44_ed_out2in.c
@@ -1180,7 +1180,7 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm,
 	      if (!s0)
 		next[0] = NAT_NEXT_DROP;
 	    }
-	  if (NAT_NEXT_DROP != next[0] &&
+	  if (NAT_NEXT_DROP != next[0] && s0 &&
 	      NAT_ED_TRNSL_ERR_SUCCESS !=
 		(translation_error = nat_6t_flow_buf_translate (
 		   sm, b0, ip0, &s0->o2i, proto0, 0 /* is_output_feature */)))
-- 
cgit 1.2.3-korg