Fix segfault when enabling pf plug-ins

This fixes an issue where a segfault happens in pf_cn_test() if no
packet filtering rules have been parsed.  See the trac ticket for
more details.

Trac: 163
Signed-off-by: David Sommerseth <davids@redhat.com>
Acked-by: David Sommerseth <davids@redhat.com>
(cherry picked from commit 31e5f34f3c6cf3aa6f120d22c415ac74a5ba1639)

diff --git a/src/openvpn/pf.c b/src/openvpn/pf.c
index aafe9ff096571ae57efa6afa583b094a547bd779..461beed75e435eb4fc522f792c075b6fe6d76b8e 100644 (file)
--- a/src/openvpn/pf.c
+++ b/src/openvpn/pf.c
@@ -417,7 +417,7 @@ lookup_cn_rule (struct hash *h, const char *cn, const uint32_t cn_hash)
 bool
 pf_cn_test (struct pf_set *pfs, const struct tls_multi *tm, const int type, const char *prefix)
 {
-  if (!pfs->kill)
+  if (pfs && !pfs->kill)
     {
       const char *cn;
       uint32_t cn_hash;