Code Review
/
vpp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
| inline |
side by side
ipsec: fix esp trace seq number overflow
[vpp.git]
/
src
/
vnet
/
ipsec
/
ipsec_tun_in.c
diff --git
a/src/vnet/ipsec/ipsec_tun_in.c
b/src/vnet/ipsec/ipsec_tun_in.c
index
04f7a92
..
d88cc08
100644
(file)
--- a/
src/vnet/ipsec/ipsec_tun_in.c
+++ b/
src/vnet/ipsec/ipsec_tun_in.c
@@
-376,7
+376,9
@@
ipsec_tun_protect_input_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
else
clib_memcpy (&tr->key4, &key40, sizeof (tr->key4));
tr->is_ip6 = is_ip6;
- tr->seq = clib_host_to_net_u32 (esp0->seq);
+ tr->seq =
+ len0 >=
+ sizeof (*esp0) ? clib_host_to_net_u32 (esp0->seq) : ~0;
}
}