Date: Wed, 7 Apr 2010 18:25:02 GMT From: Aleksey <otim@mail.ru> To: freebsd-gnats-submit@FreeBSD.org Subject: kern/145462: [patch] panic kernel when ng_ipfw send ip package on not existing netgraph node Message-ID: <201004071825.o37IP2cx090763@www.freebsd.org> Resent-Message-ID: <201004071830.o37IU4bs087165@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 145462
>Category: kern
>Synopsis: [patch] panic kernel when ng_ipfw send ip package on not existing netgraph node
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Apr 07 18:30:03 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Aleksey
>Release: 7.3-RELEASE
>Organization:
MKC
>Environment:
FreeBSD nas2.test 7.3-RELEASE FreeBSD 7.3-RELEASE #2: Wed Apr 7 01:12:12 OMSST 2010 root@nas2.test:/usr/obj/usr/src/sys/GW i386
>Description:
When ng_ipfw send ip package on not existing netgraph node, package must is rejected. Dead node, causes panic a kernel, at issues of the package in it.
>How-To-Repeat:
ipfw add 1 netgraph 1 all from me to any
ping 127.0.0.1
>Fix:
--- /usr/src/sys/netgraph/ng_ipfw.c.orig 2010-02-10 06:26:20.000000000 +0600
+++ /usr/src/sys/netgraph/ng_ipfw.c 2010-04-08 01:13:31.000000000 +0700
@@ -271,8 +271,10 @@
*/
if (fw_node == NULL ||
(hook = ng_ipfw_findhook1(fw_node, fwa->cookie)) == NULL) {
- if (tee == 0)
+ if (tee == 0) {
m_freem(*m0);
+ *m0 = NULL;
+ }
return (ESRCH); /* no hook associated with this rule */
}
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201004071825.o37IP2cx090763>