d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Though we are only called for the three security protocols we can

Browse Source 
handle, document those sprotos using an IPSEC_ASSERT so that it will
be clear that 'spi' will always be initialized when used the first time.

Found with:	Coverity Prevent(tm)
CID:		2533
This commit is contained in:
Bjoern A. Zeeb 2007-06-15 21:32:51 +00:00
parent b9e7085a57
commit f4760821db
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=170792
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/netipsec/ipsec_input.c
View File

@ -116,6 +116,10 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto)
IPSEC_ASSERT(m != NULL, ("null packet"));
IPSEC_ASSERT(sproto == IPPROTO_ESP || sproto == IPPROTO_AH ||
sproto == IPPROTO_IPCOMP,
("unexpected security protocol %u", sproto));
if ((sproto == IPPROTO_ESP && !esp_enable) ||
(sproto == IPPROTO_AH && !ah_enable) ||
(sproto == IPPROTO_IPCOMP && !ipcomp_enable)) {