From 68468697b8ac0f07485af4a153249baca056fa72 Mon Sep 17 00:00:00 2001
From: mbuhl <mbuhl@openbsd.org>
Date: Fri, 11 Nov 2022 16:17:16 +0000
Subject: [PATCH] In case of an invalid SA resp is passed to ikev2_msg_cleanup
 without initialization where the msg_parent field is accessed. ok tobhe

---
 sbin/iked/ikev2_msg.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c
index 96d13026757..05e26af331e 100644
--- a/sbin/iked/ikev2_msg.c
+++ b/sbin/iked/ikev2_msg.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ikev2_msg.c,v 1.87 2022/09/21 22:32:11 tobhe Exp $	*/
+/*	$OpenBSD: ikev2_msg.c,v 1.88 2022/11/11 16:17:16 mbuhl Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -811,7 +811,8 @@ ikev2_send_encrypted_fragments(struct iked *env, struct iked_sa *sa,
 	    sa->sa_encr == NULL ||
 	    sa->sa_integr == NULL) {
 		log_debug("%s: invalid SA", __func__);
-		goto done;
+		ikestat_inc(env, ikes_frag_send_failures);
+		return ret;
 	}
 
 	sa_fam = ((struct sockaddr *)&sa->sa_local.addr)->sa_family;
-- 
2.20.1