From 217ba5a9dee79b37099aac8bb262337dc893915a Mon Sep 17 00:00:00 2001 From: =?utf8?q?Beno=C3=AEt=20Ganne?= Date: Mon, 14 Jun 2021 17:23:56 +0200 Subject: [PATCH] ipsec: fix length check when adding footer+icv MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Length check must also take current_data into account. Type: fix Change-Id: I7a1b1752868892d40f59490d05452ef24565cca6 Signed-off-by: Benoît Ganne --- src/vnet/ipsec/esp_encrypt.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/vnet/ipsec/esp_encrypt.c b/src/vnet/ipsec/esp_encrypt.c index 30c2bf9a8ac..68aeb60885c 100644 --- a/src/vnet/ipsec/esp_encrypt.c +++ b/src/vnet/ipsec/esp_encrypt.c @@ -129,7 +129,8 @@ esp_add_footer_and_icv (vlib_main_t *vm, vlib_buffer_t **last, u8 esp_align, last[0]->current_length + pad_bytes); u16 tail_sz = sizeof (esp_footer_t) + pad_bytes + icv_sz; - if (last[0]->current_length + tail_sz > buffer_data_size) + if (last[0]->current_data + last[0]->current_length + tail_sz > + buffer_data_size) { u32 tmp_bi = 0; if (vlib_buffer_alloc (vm, &tmp_bi, 1) != 1) -- 2.16.6