svn commit: r286037 - head/sys/netinet
Ermal Luçi
eri at FreeBSD.org
Wed Jul 29 20:10:37 UTC 2015
Author: eri
Date: Wed Jul 29 20:10:36 2015
New Revision: 286037
URL: https://svnweb.freebsd.org/changeset/base/286037
Log:
Avoid double reference decrement when firewalls force relooping of packets
When firewalls force a reloop of packets and the caller supplied a route the reference to the route might be reduced twice creating issues.
This is especially the scenario when a packet is looped because of operation in the firewall but the new route lookup gives a down route.
Differential Revision: https://reviews.freebsd.org/D3037
Reviewed by: gnn
Approved by: gnn(mentor)
Modified:
head/sys/netinet/ip_output.c
Modified: head/sys/netinet/ip_output.c
==============================================================================
--- head/sys/netinet/ip_output.c Wed Jul 29 20:02:20 2015 (r286036)
+++ head/sys/netinet/ip_output.c Wed Jul 29 20:10:36 2015 (r286037)
@@ -681,6 +681,13 @@ sendit:
done:
if (ro == &iproute)
RO_RTFREE(ro);
+ else if (rte == NULL)
+ /*
+ * If the caller supplied a route but somehow the reference
+ * to it has been released need to prevent the caller
+ * calling RTFREE on it again.
+ */
+ ro->ro_rt = NULL;
if (have_ia_ref)
ifa_free(&ia->ia_ifa);
return (error);
More information about the svn-src-head
mailing list