On Sat, May 28, 2022 at 03:17:07PM +0200, Gerhard Roth wrote:
> Hi,
>
> since there's a 'sa_free(sa)' followed by a 'continue' a few lines down
> from the RB_FOREACH(), we must use RB_FOREACH_SAFE() instead.
>
> Gerhard
ok tobhe@
>
>
> Index: sbin/iked/ikev2.c
> ===================================================================
> RCS file: /cvs/src/sbin/iked/ikev2.c,v
> retrieving revision 1.346
> diff -u -p -C6 -u -p -r1.346 ikev2.c
> --- sbin/iked/ikev2.c 14 Mar 2022 12:58:55 -0000 1.346
> +++ sbin/iked/ikev2.c 28 May 2022 13:08:29 -0000
> @@ -223,13 +223,13 @@ ikev2_shutdown(struct privsep_proc *p)
> }
>
> int
> ikev2_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
> {
> struct iked *env = p->p_env;
> - struct iked_sa *sa;
> + struct iked_sa *sa, *satmp;
> struct iked_policy *pol, *old;
>
> switch (imsg->hdr.type) {
> case IMSG_CTL_RESET:
> return (config_getreset(env, imsg));
> case IMSG_CTL_COUPLE:
> @@ -242,13 +242,13 @@ ikev2_dispatch_parent(int fd, struct pri
> timer_del(env, &env->sc_inittmr);
> TAILQ_FOREACH(pol, &env->sc_policies, pol_entry) {
> if (policy_generate_ts(pol) == -1)
> fatalx("%s: too many traffic selectors",
> __func__);
> }
> /* Find new policies for dangling SAs */
> - RB_FOREACH(sa, iked_sas, &env->sc_sas) {
> + RB_FOREACH_SAFE(sa, iked_sas, &env->sc_sas, satmp) {
> if (sa->sa_state != IKEV2_STATE_ESTABLISHED) {
> sa_state(env, sa, IKEV2_STATE_CLOSING);
> ikev2_ike_sa_setreason(sa, "reload");
> sa_free(env, sa);
> continue;
> }
>
