git: b50e1465e88d - main - routing: plug mbuf leak for the packets hitting IPv6 blackhole route

The branch main has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=b50e1465e88dcf5f6f008892d802df010e7029d1

commit b50e1465e88dcf5f6f008892d802df010e7029d1
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2023-05-17 09:06:04 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2023-05-17 09:06:04 +0000

    routing: plug mbuf leak for the packets hitting IPv6 blackhole route
    
    Reported by:    Dmitriy Smirnov <fox@sage.su>
    Tested by:      Dmitriy Smirnov <fox@sage.su>
    MFC after:      1 day
---
 sys/netinet6/ip6_forward.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/sys/netinet6/ip6_forward.c b/sys/netinet6/ip6_forward.c
index c8f9079e0aa7..0f7260ccd067 100644
--- a/sys/netinet6/ip6_forward.c
+++ b/sys/netinet6/ip6_forward.c
@@ -198,9 +198,12 @@ again:
 
 	if (nh->nh_flags & (NHF_BLACKHOLE | NHF_REJECT)) {
 		IP6STAT_INC(ip6s_cantforward);
-		if ((nh->nh_flags & NHF_REJECT) && (mcopy != NULL)) {
-			icmp6_error(mcopy, ICMP6_DST_UNREACH,
-			    ICMP6_DST_UNREACH_REJECT, 0);
+		if (mcopy != NULL) {
+			if (nh->nh_flags & NHF_REJECT) {
+				icmp6_error(mcopy, ICMP6_DST_UNREACH,
+				    ICMP6_DST_UNREACH_REJECT, 0);
+			} else
+				m_freem(mcopy);
 		}
 		goto bad;
 	}