infinite loop in esp6_ctlinput()?

George V. Neville-Neil gnn at neville-neil.com
Tue Aug 28 22:25:43 PDT 2007


Hi,

Please try the attached patch, which restores exactly the structure the KAME code used here.  I have not fully tested it, but it builds and runs.

I will need some time to reproduce the panic you saw on one of my
boxes.  If you can tell me the steps you took to get that to happen
that would be great.

Best,
George


==== //depot/user/gnn/ipsec_seven/src/sys/netipsec/ipsec_input.c#1 - /home/gnn/user/gnn/ipsec_seven/src/sys/netipsec/ipsec_input.c ====
@@ -761,6 +761,11 @@
 void
 esp6_ctlinput(int cmd, struct sockaddr *sa, void *d)
 {
+       struct ip6ctlparam *ip6cp = NULL;
+       struct mbuf *m = NULL;
+       struct ip6_hdr *ip6;
+       int off;
+
        if (sa->sa_family != AF_INET6 ||
            sa->sa_len != sizeof(struct sockaddr_in6))
                return;
@@ -768,10 +773,18 @@
                return;
 
        /* if the parameter is from icmp6, decode it. */
-       if (d !=  NULL) {
-               struct ip6ctlparam *ip6cp = (struct ip6ctlparam *)d;
-               struct mbuf *m = ip6cp->ip6c_m;
-               int off = ip6cp->ip6c_off;
+       if (d != NULL) {
+               ip6cp = (struct ip6ctlparam *)d;
+               m = ip6cp->ip6c_m;
+               ip6 = ip6cp->ip6c_ip6;
+               off = ip6cp->ip6c_off;
+       } else {
+               m = NULL;
+               ip6 = NULL;
+               off = 0;        /* calm gcc */
+       }
+
+       if (ip6) {
 
                struct ip6ctlparam ip6cp1;
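Review bot: The guard on the new side changes from `if (d != NULL)` to `if (ip6)`, which is the whole behavioral change of this hunk, yet nothing says why a non-NULL `d` whose `ip6c_ip6` is NULL must now be skipped; given the thread subject this looks like the re-entrancy stop for the pfctlinput2() path, but that is inferred, since the body of `esp6_ctlinput` (the `ip6cp1` setup and whatever follows) continues outside the hunk. A one-line comment on the guard would keep the next maintainer from "simplifying" it back, e.g. `/* ip6c_ip6 is NULL on the nested call from pfctlinput2(); skip it or we loop */`, adjusted to whatever the code below actually does. If the body under `if (ip6)` still dereferences `m` or indexes with `off` as the old `d != NULL` body presumably did, the new code relies on `ip6c_ip6 != NULL` implying `ip6c_m != NULL`; either state that assumption in the same comment or widen the guard to `if (ip6 != NULL && m != NULL) {`. The `m = NULL;` in the else branch duplicates the initializer on the declaration while `ip6` has none; initializing all three at declaration and dropping the else block would be tidier, though harmless as written.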

