Add check for the return value of pfkey_sadb2xfrm_user_sec_ctx()
to prevent potential errors.

Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>
---
 net/key/af_key.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/key/af_key.c b/net/key/af_key.c
index efc2a91f4c48..e7318cea1f3a 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -3335,6 +3335,9 @@ static struct xfrm_policy *pfkey_compile_policy(struct sock *sk, int opt,
 		if ((*dir = verify_sec_ctx_len(p)))
 			goto out;
 		uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx, GFP_ATOMIC);
+		if (!uctx)
+			goto out;
+
 		*dir = security_xfrm_policy_alloc(&xp->security, uctx, GFP_ATOMIC);
 		kfree(uctx);
 
-- 
2.25.1