From mboxrd@z Thu Jan  1 00:00:00 1970
From: Radu Nicolau <radu.nicolau@intel.com>
Subject: [PATCH] security: fix segfault when destroy NULL session
Date: Thu,  5 Jul 2018 11:04:42 +0100
Message-ID: <1530785082-4742-1-git-send-email-radu.nicolau@intel.com>
Cc: akhil.goyal@nxp.com, borisp@mellanox.com, declan.doherty@intel.com,
 Radu Nicolau <radu.nicolau@intel.com>, stable@dpdk.org
To: dev@dpdk.org
Return-path: <dev-bounces@dpdk.org>
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

rte_security_session_destroy should return -EINVAL is session is NULL,
but segfaults because of rte_mempool_from_obj(NULL) call.

Fixes: c261d1431bd8 ("security: introduce security API and framework")
Cc: stable@dpdk.org

Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
 lib/librte_security/rte_security.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c
index 1e559c9..f862e94 100644
--- a/lib/librte_security/rte_security.c
+++ b/lib/librte_security/rte_security.c
@@ -91,7 +91,6 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
 			     struct rte_security_session *sess)
 {
 	int ret;
-	struct rte_mempool *mp = rte_mempool_from_obj(sess);
 
 	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_destroy, -ENOTSUP);
 
@@ -100,7 +99,7 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
 
 	ret = instance->ops->session_destroy(instance->device, sess);
 	if (!ret)
-		rte_mempool_put(mp, (void *)sess);
+		rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
 
 	return ret;
 }
-- 
2.7.5