CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2025/11/13 08:49:50
Modified files:
sys/netinet : igmp.c
Log message:
In IGMP fix race and cleanup code.
There was a race when rti_fill() calls malloc() with M_WAITOK.
Before adding new entries, rti_fill() scans the rti list. But while
malloc sleeps, a new entry could enter the list. With duplicate
entries, rti_delete() does not behave properly. That might explain
crashes syzkaller has found in the past.
Rename old rti_find() to rti_reset() which changes the rti as needed
for the one place where it is called.
Add new rti_find() that finds the rti based on the interface index.
Use new rti_find() in rti_fill(), rti_reset(), rti_delete().
Fix sleep race in rti_fill() by re-scannig the list.
OK mvs@
