ipsec: fix buffer alloc

author Filip Tehlar <ftehlar@cisco.com>

Fri, 3 Apr 2020 12:14:29 +0000 (12:14 +0000)

committer Damjan Marion <dmarion@me.com>

Tue, 28 Apr 2020 21:09:14 +0000 (21:09 +0000)
author Filip Tehlar <ftehlar@cisco.com>
Fri, 3 Apr 2020 12:14:29 +0000 (12:14 +0000)
committer Damjan Marion <dmarion@me.com>
Tue, 28 Apr 2020 21:09:14 +0000 (21:09 +0000)
diff --git a/src/vnet/ipsec/esp_decrypt.c b/src/vnet/ipsec/esp_decrypt.c

index 80b3246..0d14fe5 100644 (file)
--- a/src/vnet/ipsec/esp_decrypt.c
+++ b/src/vnet/ipsec/esp_decrypt.c
@@ -527,7 +527,13 @@ esp_decrypt_inline (vlib_main_t * vm,
                                 {
                                   /* no space, need to allocate new buffer */
                                   u32 tmp_bi = 0;
-                                 vlib_buffer_alloc (vm, &tmp_bi, 1);
+                                 if (1 != vlib_buffer_alloc (vm, &tmp_bi, 1))
+                                   {
+                                     b[0]->error = node->errors
+                                       [ESP_DECRYPT_ERROR_NO_BUFFERS];
+                                     next[0] = ESP_DECRYPT_NEXT_DROP;
+                                     goto next;
+                                   }
                                   tmp_b = vlib_get_buffer (vm, tmp_bi);
                                   esn = tmp_b->data;
                                   pd->free_buffer_index = tmp_bi;
author	Filip Tehlar <ftehlar@cisco.com>
	Fri, 3 Apr 2020 12:14:29 +0000 (12:14 +0000)
committer	Damjan Marion <dmarion@me.com>
	Tue, 28 Apr 2020 21:09:14 +0000 (21:09 +0000)