Avoid using FREEd data when we get a crypto error; Patrick Latifi

Also move the session ID reset into the crp_etype == EAGAIN case
(noticed by angelos@).  OK jason@ and angelos@

1 files changed, 8 insertions, 13 deletions

diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c
index e7fa6fbc30e..0f584b6ceea 100644
--- a/sys/netinet/ip_esp.c
+++ b/sys/netinet/ip_esp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_esp.c,v 1.80 2003/02/28 21:42:56 jason Exp $ */
+/*	$OpenBSD: ip_esp.c,v 1.81 2003/03/31 20:52:06 millert Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -488,17 +488,14 @@ esp_input_cb(void *op)
 
 	/* Check for crypto errors */
 	if (crp->crp_etype) {
-		FREE(tc, M_XDATA);
-
-		/* Reset the session ID */
-		if (tdb->tdb_cryptoid != 0)
-			tdb->tdb_cryptoid = crp->crp_sid;
-
 		if (crp->crp_etype == EAGAIN) {
+			/* Reset the session ID */
+			if (tdb->tdb_cryptoid != 0)
+				tdb->tdb_cryptoid = crp->crp_sid;
 			splx(s);
 			return crypto_dispatch(crp);
 		}
-
+		FREE(tc, M_XDATA);
 		espstat.esps_noxform++;
 		DPRINTF(("esp_input_cb(): crypto error %d\n", crp->crp_etype));
 		error = crp->crp_etype;
@@ -994,15 +991,13 @@ esp_output_cb(void *op)
 
 	/* Check for crypto errors. */
 	if (crp->crp_etype) {
-		/* Reset session ID. */
-		if (tdb->tdb_cryptoid != 0)
-			tdb->tdb_cryptoid = crp->crp_sid;
-
 		if (crp->crp_etype == EAGAIN) {
+			/* Reset the session ID */
+			if (tdb->tdb_cryptoid != 0)
+				tdb->tdb_cryptoid = crp->crp_sid;
 			splx(s);
 			return crypto_dispatch(crp);
 		}
-
 		FREE(tc, M_XDATA);
 		espstat.esps_noxform++;
 		DPRINTF(("esp_output_cb(): crypto error %d\n",