From owner-freebsd-bugs@FreeBSD.ORG Wed Apr 7 18:30:04 2010 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C2F5D106566C for ; Wed, 7 Apr 2010 18:30:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 859F28FC1D for ; Wed, 7 Apr 2010 18:30:04 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o37IU43d087170 for ; Wed, 7 Apr 2010 18:30:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o37IU4bs087165; Wed, 7 Apr 2010 18:30:04 GMT (envelope-from gnats) Resent-Date: Wed, 7 Apr 2010 18:30:04 GMT Resent-Message-Id: <201004071830.o37IU4bs087165@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Aleksey Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 65A0D1065688 for ; Wed, 7 Apr 2010 18:25:03 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id 553508FC0C for ; Wed, 7 Apr 2010 18:25:03 +0000 (UTC) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o37IP2WC090764 for ; Wed, 7 Apr 2010 18:25:02 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id o37IP2cx090763; Wed, 7 Apr 2010 18:25:02 GMT (envelope-from nobody) Message-Id: <201004071825.o37IP2cx090763@www.freebsd.org> Date: Wed, 7 Apr 2010 18:25:02 GMT From: Aleksey To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: kern/145462: [patch] panic kernel when ng_ipfw send ip package on not existing netgraph node X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Apr 2010 18:30:04 -0000 >Number: 145462 >Category: kern >Synopsis: [patch] panic kernel when ng_ipfw send ip package on not existing netgraph node >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Apr 07 18:30:03 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Aleksey >Release: 7.3-RELEASE >Organization: MKC >Environment: FreeBSD nas2.test 7.3-RELEASE FreeBSD 7.3-RELEASE #2: Wed Apr 7 01:12:12 OMSST 2010 root@nas2.test:/usr/obj/usr/src/sys/GW i386 >Description: When ng_ipfw send ip package on not existing netgraph node, package must is rejected. Dead node, causes panic a kernel, at issues of the package in it. >How-To-Repeat: ipfw add 1 netgraph 1 all from me to any ping 127.0.0.1 >Fix: --- /usr/src/sys/netgraph/ng_ipfw.c.orig 2010-02-10 06:26:20.000000000 +0600 +++ /usr/src/sys/netgraph/ng_ipfw.c 2010-04-08 01:13:31.000000000 +0700 @@ -271,8 +271,10 @@ */ if (fw_node == NULL || (hook = ng_ipfw_findhook1(fw_node, fwa->cookie)) == NULL) { - if (tee == 0) + if (tee == 0) { m_freem(*m0); + *m0 = NULL; + } return (ESRCH); /* no hook associated with this rule */ } >Release-Note: >Audit-Trail: >Unformatted: