[XFRM]: Fix OOPSes in xfrm_audit_log().

[safe/jmp/linux-2.6] / net / xfrm / xfrm_user.c

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index d55436d..2567453 100644 (file)
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -1273,10 +1273,6 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
                xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, tmp.security, delete);
                security_xfrm_policy_free(&tmp);
        }
-       if (delete)
-               xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
-                              AUDIT_MAC_IPSEC_DELSPD, (xp) ? 1 : 0, xp, NULL);
-
        if (xp == NULL)
                return -ENOENT;
 
@@ -1292,8 +1288,14 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
                                              MSG_DONTWAIT);
                }
        } else {
-               if ((err = security_xfrm_policy_delete(xp)) != 0)
+               err = security_xfrm_policy_delete(xp);
+
+               xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
+                              AUDIT_MAC_IPSEC_DELSPD, err ? 0 : 1, xp, NULL);
+
+               if (err != 0)
                        goto out;
+
                c.data.byid = p->index;
                c.event = nlh->nlmsg_type;
                c.seq = nlh->nlmsg_seq;