Author: bz
Date: Wed Jul 6 10:29:29 2016
New Revision: 302370
URL: https://svnweb.freebsd.org/changeset/base/302370
Log:
Only set the ipfilter running state to 'not running' if we are
doing the teardown. ipf_destroy_all() may free ipfmain in case
of ipf_dynamic_softc being true, thus we are avoiding a possible
memory modified after free as well.
Reported by: Coverity
Coverity CID: 1357320
Approved by: re (hrs)
MFC after: 10 days
Modified:
head/sys/contrib/ipfilter/netinet/mlfk_ipl.c
Modified: head/sys/contrib/ipfilter/netinet/mlfk_ipl.c
==============================================================================
--- head/sys/contrib/ipfilter/netinet/mlfk_ipl.c Wed Jul 6 05:17:56
2016 (r302369)
+++ head/sys/contrib/ipfilter/netinet/mlfk_ipl.c Wed Jul 6 10:29:29
2016 (r302370)
@@ -291,13 +291,14 @@ vnet_ipf_uninit(void)
return;
if (V_ipfmain.ipf_running >= 0) {
+
if (ipfdetach(&V_ipfmain) != 0)
return;
+ V_ipfmain.ipf_running = -2;
+
ipf_destroy_all(&V_ipfmain);
}
-
- V_ipfmain.ipf_running = -2;
}
VNET_SYSUNINIT(vnet_ipf_uninit, SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD,
vnet_ipf_uninit, NULL);
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"
