svn commit: r279910 - head/sys/netpfil/pf

Andrey V. Elsukov Thu, 12 Mar 2015 01:59:39 -0700

Author: ae
Date: Thu Mar 12 08:57:24 2015
New Revision: 279910
URL: https://svnweb.freebsd.org/changeset/base/279910


Log:
  Reset mbuf pointer to NULL in fastroute case to indicate that mbuf was
  consumed by filter. This fixes several panics due to accessing to mbuf
  after free.
  
  Submitted by: Kristof Provost
  MFC after:    1 week

Modified:
  head/sys/netpfil/pf/pf.c

Modified: head/sys/netpfil/pf/pf.c
==============================================================================
--- head/sys/netpfil/pf/pf.c    Thu Mar 12 08:52:00 2015        (r279909)
+++ head/sys/netpfil/pf/pf.c    Thu Mar 12 08:57:24 2015        (r279910)
@@ -5470,6 +5470,7 @@ pf_route6(struct mbuf **m, struct pf_rul
                        PF_STATE_UNLOCK(s);
                m0->m_flags |= M_SKIP_FIREWALL;
                ip6_output(m0, NULL, NULL, 0, NULL, NULL, NULL);
+               *m = NULL;
                return;
        }
 
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r279910 - head/sys/netpfil/pf

Reply via email to