Module Name: src
Committed By: prlw1
Date: Fri Aug 7 17:31:12 UTC 2015
Modified Files:
src/sys/external/bsd/ipf/netinet: ip_nat.c ip_nat.h ip_nat6.c
Log Message:
Avoid panic in SIOCGNATL dereferencing a NULL softc.
Solution suggestion from Martin Husemann.
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/sys/external/bsd/ipf/netinet/ip_nat.c
cvs rdiff -u -r1.6 -r1.7 src/sys/external/bsd/ipf/netinet/ip_nat.h
cvs rdiff -u -r1.7 -r1.8 src/sys/external/bsd/ipf/netinet/ip_nat6.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/external/bsd/ipf/netinet/ip_nat.c
diff -u src/sys/external/bsd/ipf/netinet/ip_nat.c:1.13 src/sys/external/bsd/ipf/netinet/ip_nat.c:1.14
--- src/sys/external/bsd/ipf/netinet/ip_nat.c:1.13 Sat Jul 12 14:54:32 2014
+++ src/sys/external/bsd/ipf/netinet/ip_nat.c Fri Aug 7 17:31:12 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_nat.c,v 1.13 2014/07/12 14:54:32 darrenr Exp $ */
+/* $NetBSD: ip_nat.c,v 1.14 2015/08/07 17:31:12 prlw1 Exp $ */
/*
* Copyright (C) 2012 by Darren Reed.
@@ -113,7 +113,7 @@ extern struct ifnet vpnif;
#if !defined(lint)
#if defined(__NetBSD__)
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_nat.c,v 1.13 2014/07/12 14:54:32 darrenr Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_nat.c,v 1.14 2015/08/07 17:31:12 prlw1 Exp $");
#else
static const char sccsid[] = "@(#)ip_nat.c 1.11 6/5/96 (C) 1995 Darren Reed";
static const char rcsid[] = "@(#)Id: ip_nat.c,v 1.1.1.2 2012/07/22 13:45:27 darrenr Exp";
@@ -1227,11 +1227,11 @@ ipf_nat_ioctl(ipf_main_softc_t *softc, v
switch (nl.nl_v)
{
case 4 :
- ptr = ipf_nat_lookupredir(&nl);
+ ptr = ipf_nat_lookupredir(softc, &nl);
break;
#ifdef USE_INET6
case 6 :
- ptr = ipf_nat6_lookupredir(&nl);
+ ptr = ipf_nat6_lookupredir(softc, &nl);
break;
#endif
default:
@@ -4574,12 +4574,13 @@ find_out_wild_ports:
/* nl_out* = destination information (translated) */
/* ------------------------------------------------------------------------ */
nat_t *
-ipf_nat_lookupredir(natlookup_t *np)
+ipf_nat_lookupredir(ipf_main_softc_t *softc, natlookup_t *np)
{
fr_info_t fi;
nat_t *nat;
bzero((char *)&fi, sizeof(fi));
+ fi.fin_main_soft = softc;
if (np->nl_flags & IPN_IN) {
fi.fin_data[0] = ntohs(np->nl_realport);
fi.fin_data[1] = ntohs(np->nl_outport);
Index: src/sys/external/bsd/ipf/netinet/ip_nat.h
diff -u src/sys/external/bsd/ipf/netinet/ip_nat.h:1.6 src/sys/external/bsd/ipf/netinet/ip_nat.h:1.7
--- src/sys/external/bsd/ipf/netinet/ip_nat.h:1.6 Wed Jan 9 13:23:20 2013
+++ src/sys/external/bsd/ipf/netinet/ip_nat.h Fri Aug 7 17:31:12 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_nat.h,v 1.6 2013/01/09 13:23:20 christos Exp $ */
+/* $NetBSD: ip_nat.h,v 1.7 2015/08/07 17:31:12 prlw1 Exp $ */
/*
* Copyright (C) 2012 by Darren Reed.
@@ -721,7 +721,7 @@ extern int ipf_nat_ioctl(ipf_main_softc_
int, int, void *);
extern void ipf_nat_log(ipf_main_softc_t *, ipf_nat_softc_t *,
struct nat *, u_int);
-extern nat_t *ipf_nat_lookupredir(natlookup_t *);
+extern nat_t *ipf_nat_lookupredir(ipf_main_softc_t *, natlookup_t *);
extern nat_t *ipf_nat_maplookup(void *, u_int, struct in_addr,
struct in_addr);
extern nat_t *ipf_nat_add(fr_info_t *, ipnat_t *, nat_t **,
@@ -780,7 +780,7 @@ extern nat_t *ipf_nat6_inlookup(fr_info_
extern u_32_t ipf_nat6_ip6subtract(i6addr_t *, i6addr_t *);
extern frentry_t *ipf_nat6_ipfin(fr_info_t *, u_32_t *);
extern frentry_t *ipf_nat6_ipfout(fr_info_t *, u_32_t *);
-extern nat_t *ipf_nat6_lookupredir(natlookup_t *);
+extern nat_t *ipf_nat6_lookupredir(ipf_main_softc_t *, natlookup_t *);
extern int ipf_nat6_newmap(fr_info_t *, nat_t *, natinfo_t *);
extern int ipf_nat6_newrdr(fr_info_t *, nat_t *, natinfo_t *);
extern nat_t *ipf_nat6_outlookup(fr_info_t *, u_int, u_int,
Index: src/sys/external/bsd/ipf/netinet/ip_nat6.c
diff -u src/sys/external/bsd/ipf/netinet/ip_nat6.c:1.7 src/sys/external/bsd/ipf/netinet/ip_nat6.c:1.8
--- src/sys/external/bsd/ipf/netinet/ip_nat6.c:1.7 Tue Apr 1 15:19:29 2014
+++ src/sys/external/bsd/ipf/netinet/ip_nat6.c Fri Aug 7 17:31:12 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_nat6.c,v 1.7 2014/04/01 15:19:29 christos Exp $ */
+/* $NetBSD: ip_nat6.c,v 1.8 2015/08/07 17:31:12 prlw1 Exp $ */
/*
* Copyright (C) 2012 by Darren Reed.
@@ -2414,12 +2414,13 @@ find_out_wild_ports:
/* nl_out* = destination information (translated) */
/* ------------------------------------------------------------------------ */
nat_t *
-ipf_nat6_lookupredir(natlookup_t *np)
+ipf_nat6_lookupredir(ipf_main_softc_t *softc, natlookup_t *np)
{
fr_info_t fi;
nat_t *nat;
bzero((char *)&fi, sizeof(fi));
+ fi.fin_main_soft = softc;
if (np->nl_flags & IPN_IN) {
fi.fin_data[0] = ntohs(np->nl_realport);
fi.fin_data[1] = ntohs(np->nl_outport);
