From fa1076eaac91b9a68be9465a1a92d47f8c7fe23e Mon Sep 17 00:00:00 2001
From: Thomas Egerer <thomas.egerer@secunet.com>
Date: Fri, 10 Jun 2016 11:57:53 +0200
Subject: xfrm: fix segfault when using encapsulation templates

Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>

http://lists.infradead.org/pipermail/libnl/2016-June/002140.html
---
 lib/xfrm/sa.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'lib/xfrm')

diff --git a/lib/xfrm/sa.c b/lib/xfrm/sa.c
index 0b813c46..7e663bbd 100644
--- a/lib/xfrm/sa.c
+++ b/lib/xfrm/sa.c
@@ -1773,9 +1773,14 @@ int xfrmnl_sa_get_encap_tmpl (struct xfrmnl_sa* sa, unsigned int* encap_type, un
 
 int xfrmnl_sa_set_encap_tmpl (struct xfrmnl_sa* sa, unsigned int encap_type, unsigned int encap_sport, unsigned int encap_dport, struct nl_addr* encap_oa)
 {
-	/* Free up the old encap OA */
-	if (sa->encap->encap_oa)
-		nl_addr_put (sa->encap->encap_oa);
+	if (sa->encap) {
+		/* Free up the old encap OA */
+		if (sa->encap->encap_oa)
+			nl_addr_put(sa->encap->encap_oa);
+		free(sa->encap);
+	}
+	if ((sa->encap = calloc(1, sizeof(*sa->encap))) == NULL)
+		return -1;
 
 	/* Save the new info */
 	sa->encap->encap_type   =   encap_type;
-- 
cgit v1.2.3