From: Christian Carstensen
Date: Sat, 1 Sep 2001 22:01:06 +0200 (CEST)
Delivered-To: freebsd-current@freebsd.org
Subject: and another one...

hi,

in net/bpf.c, bpfdetach(), struct bpf_if *bp is used in a for loop, that, if not terminated by break before, leaves bp == NULL. evaluating (bp->bif_ifp == NULL) two lines later will cause a NULL pointer dereference, resulting in trap 12.

please apply the attached patch.

best,
christian

--
"Sorry, no defects found. Please try a different search"
[http://www.cisco.com/support/bugtools/bugtool.shtml]

----------------------------
Index: bpf.c =================================================================== RCS file: /usr/cvs/src/sys/net/bpf.c,v retrieving revision 1.80 diff -r1.80 bpf.c 1267c1267 < if (bp->bif_ifp == NULL) { --- > if (bp == NULL || bp->bif_ifp == NULL) {
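Review bot: The new `bp == NULL` test on line 1267 shares a branch with `bp->bif_ifp == NULL`, and the hunk does not show the body of that `if`, so it is not visible whether the body itself reads through `bp`; if it does, the not-found case would still fault inside the branch. Consider handling the not-found case on its own directly after the for loop, with a separate `if (bp == NULL)` and its own return, which also keeps "interface not in the list" distinct from "entry whose bif_ifp is NULL". Please resend as a unified diff (`diff -u`) so the loop and the body of the branch are visible in review.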