Add a missing return so that we drop out in case of an error and
do not continue with a NULL pointer. [1] While here change the return of the error handling code path above. I cannot see why we should always return 0 there. Neither does KAME nor do we in here for the similar check in all the other functions. Found with: Coverity Prevent(tm) [1] CID: 2521
This commit is contained in:
parent
5915fb72fb
commit
3a3a760769
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=170803
@ -2123,8 +2123,7 @@ key_spddelete2(so, m, mhp)
|
||||
if (mhp->ext[SADB_X_EXT_POLICY] == NULL ||
|
||||
mhp->extlen[SADB_X_EXT_POLICY] < sizeof(struct sadb_x_policy)) {
|
||||
ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n", __func__));
|
||||
key_senderror(so, m, EINVAL);
|
||||
return 0;
|
||||
return key_senderror(so, m, EINVAL);
|
||||
}
|
||||
|
||||
id = ((struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
|
||||
@ -2132,7 +2131,7 @@ key_spddelete2(so, m, mhp)
|
||||
/* Is there SP in SPD ? */
|
||||
if ((sp = key_getspbyid(id)) == NULL) {
|
||||
ipseclog((LOG_DEBUG, "%s: no SP found id:%u.\n", __func__, id));
|
||||
key_senderror(so, m, EINVAL);
|
||||
return key_senderror(so, m, EINVAL);
|
||||
}
|
||||
|
||||
sp->state = IPSEC_SPSTATE_DEAD;
|
||||
|
Loading…
Reference in New Issue
Block a user