examples/ipsec-secgw: fix uninitialized memory access

[ upstream commit 0b512a9 ] rte_flow_validate and rte_flow_create not always initialize flow error. Using error.message in some error cases will cause read from uninitialized memory. Fixes: 6738c0a ("examples/ipsec-secgw: support flow director") Signed-off-by: Volodymyr Fialko <vfialko@marvell.com> Acked-by: Anoob Joseph <anoobj@marvell.com> Acked-by: Akhil Goyal <gakhil@marvell.com>
kevintraynor · Jun 8, 2022 · 51952c8 · 51952c8
1 parent 3a9e4cd
commit 51952c8
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/examples/ipsec-secgw/flow.c b/examples/ipsec-secgw/flow.c
@@ -214,7 +214,7 @@ flow_init_single(struct flow_rule_entry *rule)
 	struct rte_flow_item pattern[MAX_RTE_FLOW_PATTERN] = {};
 	struct rte_flow_action action[MAX_RTE_FLOW_ACTIONS] = {};
 	struct rte_flow_attr attr = {};
-	struct rte_flow_error err;
+	struct rte_flow_error err = {};
 	int ret;
 
 	attr.egress = 0;

diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
@@ -496,7 +496,7 @@ int
 create_ipsec_esp_flow(struct ipsec_sa *sa)
 {
 	int ret = 0;
-	struct rte_flow_error err;
+	struct rte_flow_error err = {};
 	if (sa->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
 		RTE_LOG(ERR, IPSEC,
 			"No Flow director rule for Egress traffic\n");