From 9025515c250eee5c2592ea0683f2c81994c2f8d1 Mon Sep 17 00:00:00 2001
From: Reuben Dowle <reuben.dowle@4rf.com>
Date: Mon, 15 Mar 2021 16:25:25 +1300
Subject: [PATCH] nhrpd: Ensure invalid NAT extension info cannot be used

Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
---
 nhrpd/nhrp_peer.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/nhrpd/nhrp_peer.c b/nhrpd/nhrp_peer.c
index fcada245ea..74e502b214 100644
--- a/nhrpd/nhrp_peer.c
+++ b/nhrpd/nhrp_peer.c
@@ -393,12 +393,14 @@ static void nhrp_process_nat_extension(struct nhrp_packet_parser *pp,
 	struct nhrp_extension_header *ext;
 	struct zbuf *extensions;
 
-
-	if (!proto || !cie_nbma || sockunion_family(proto) == AF_UNSPEC)
+	if (!cie_nbma)
 		return;
 
 	sockunion_family(cie_nbma) = AF_UNSPEC;
 
+	if (!proto || sockunion_family(proto) == AF_UNSPEC)
+		return;
+
 	/* Handle extensions */
 	extensions = zbuf_alloc(zbuf_used(&pp->extensions));
 	if (extensions) {
-- 
2.39.5