1 files changed, 8 insertions, 13 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index aff2e84ec761..e92b8c019c88 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -121,22 +121,17 @@ static inline int verify_replay(struct xfrm_usersa_info *p,
        struct nlattr *rt = attrs[XFRMA_REPLAY_ESN_VAL];
        struct xfrm_replay_state_esn *rs;
-        if (p->flags & XFRM_STATE_ESN) {
+        if (!rt)
-                if (!rt)
+                return (p->flags & XFRM_STATE_ESN) ? -EINVAL : 0;
-                        return -EINVAL;
-                rs = nla_data(rt);
+        rs = nla_data(rt);
-                if (rs->bmp_len > XFRMA_REPLAY_ESN_MAX / sizeof(rs->bmp[0]) / 8)
+        if (rs->bmp_len > XFRMA_REPLAY_ESN_MAX / sizeof(rs->bmp[0]) / 8)
-                        return -EINVAL;
+                return -EINVAL;
-                if (nla_len(rt) < (int)xfrm_replay_state_esn_len(rs) &&
-                    nla_len(rt) != sizeof(*rs))
-                        return -EINVAL;
-        }
-        if (!rt)
+        if (nla_len(rt) < (int)xfrm_replay_state_esn_len(rs) &&
-                return 0;
+            nla_len(rt) != sizeof(*rs))
+                return -EINVAL;
        /* As only ESP and AH support ESN feature. */
        if ((p->id.proto != IPPROTO_ESP) && (p->id.proto != IPPROTO_AH))

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index aff2e84ec761..e92b8c019c88 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c
@@ -121,22 +121,17 @@ static inline int verify_replay(struct xfrm_usersa_info *p,
121	struct nlattr *rt = attrs[XFRMA_REPLAY_ESN_VAL];	121	struct nlattr *rt = attrs[XFRMA_REPLAY_ESN_VAL];
122	struct xfrm_replay_state_esn *rs;	122	struct xfrm_replay_state_esn *rs;
123		123
124	if (p->flags & XFRM_STATE_ESN) {	124	if (!rt)
125	if (!rt)	125	return (p->flags & XFRM_STATE_ESN) ? -EINVAL : 0;
126	return -EINVAL;
127		126
128	rs = nla_data(rt);	127	rs = nla_data(rt);
129		128
130	if (rs->bmp_len > XFRMA_REPLAY_ESN_MAX / sizeof(rs->bmp[0]) / 8)	129	if (rs->bmp_len > XFRMA_REPLAY_ESN_MAX / sizeof(rs->bmp[0]) / 8)
131	return -EINVAL;	130	return -EINVAL;
132
133	if (nla_len(rt) < (int)xfrm_replay_state_esn_len(rs) &&
134	nla_len(rt) != sizeof(*rs))
135	return -EINVAL;
136	}
137		131
138	if (!rt)	132	if (nla_len(rt) < (int)xfrm_replay_state_esn_len(rs) &&
139	return 0;	133	nla_len(rt) != sizeof(*rs))
		134	return -EINVAL;
140		135
141	/* As only ESP and AH support ESN feature. */	136	/* As only ESP and AH support ESN feature. */
142	if ((p->id.proto != IPPROTO_ESP) && (p->id.proto != IPPROTO_AH))	137	if ((p->id.proto != IPPROTO_ESP) && (p->id.proto != IPPROTO_AH))