On 17/07/15(Fri) 12:10, Ryota Ozaki wrote:
> Hello,
>
> When I read bridgestp.c, I found a bug that a wrong
> pointer is passed to bstp_notify_rtage via void *;
> bp->bp_ifp is passed but treated as bp.
>
> Please check the below patch and apply it if it's
> appropriate.
It's appropriate and has been committed, thank you very much.
>
> Regards,
> ozaki-r
>
> diff --git a/sys/net/bridgestp.c b/sys/net/bridgestp.c
> index 150cc05..182784e 100644
> --- a/sys/net/bridgestp.c
> +++ b/sys/net/bridgestp.c
> @@ -254,7 +254,7 @@ void bstp_set_timer_tc(struct bstp_port *);
> void bstp_set_timer_msgage(struct bstp_port *);
> int bstp_rerooted(struct bstp_state *, struct bstp_port *);
> u_int32_t bstp_calc_path_cost(struct bstp_port *);
> -void bstp_notify_rtage(void *, int);
> +void bstp_notify_rtage(struct bstp_port *, int);
> void bstp_ifupdstatus(struct bstp_state *, struct bstp_port *);
> void bstp_enable_port(struct bstp_state *, struct bstp_port *);
> void bstp_disable_port(struct bstp_state *, struct bstp_port *);
> @@ -1447,7 +1447,7 @@ bstp_set_port_tc(struct bstp_port *bp, int state)
> bstp_timer_stop(&bp->bp_tc_timer);
> /* flush routes on the parent bridge */
> bp->bp_fdbflush = 1;
> - bstp_notify_rtage(bp->bp_ifp, 0);
> + bstp_notify_rtage(bp, 0);
> bp->bp_tc_ack = 0;
> DPRINTF("%s -> TC_INACTIVE\n", bp->bp_ifp->if_xname);
> break;
> @@ -1489,7 +1489,7 @@ bstp_set_port_tc(struct bstp_port *bp, int state)
> case BSTP_TCSTATE_PROPAG:
> /* flush routes on the parent bridge */
> bp->bp_fdbflush = 1;
> - bstp_notify_rtage(bp->bp_ifp, 0);
> + bstp_notify_rtage(bp, 0);
> bp->bp_tc_prop = 0;
> bstp_set_timer_tc(bp);
> DPRINTF("%s -> TC_PROPAG\n", bp->bp_ifp->if_xname);
> @@ -1585,9 +1585,8 @@ bstp_calc_path_cost(struct bstp_port *bp)
> }
>
> void
> -bstp_notify_rtage(void *arg, int pending)
> +bstp_notify_rtage(struct bstp_port *bp, int pending)
> {
> - struct bstp_port *bp = (struct bstp_port *)arg;
> int age = 0;
>
> splassert(IPL_NET);
>
