Date: Wed, 29 Jul 2015 20:10:37 +0000 (UTC) From: Ermal Luçi <eri@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r286037 - head/sys/netinet Message-ID: <201507292010.t6TKAbjL017213@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: eri Date: Wed Jul 29 20:10:36 2015 New Revision: 286037 URL: https://svnweb.freebsd.org/changeset/base/286037 Log: Avoid double reference decrement when firewalls force relooping of packets When firewalls force a reloop of packets and the caller supplied a route the reference to the route might be reduced twice creating issues. This is especially the scenario when a packet is looped because of operation in the firewall but the new route lookup gives a down route. Differential Revision: https://reviews.freebsd.org/D3037 Reviewed by: gnn Approved by: gnn(mentor) Modified: head/sys/netinet/ip_output.c Modified: head/sys/netinet/ip_output.c ============================================================================== --- head/sys/netinet/ip_output.c Wed Jul 29 20:02:20 2015 (r286036) +++ head/sys/netinet/ip_output.c Wed Jul 29 20:10:36 2015 (r286037) @@ -681,6 +681,13 @@ sendit: done: if (ro == &iproute) RO_RTFREE(ro); + else if (rte == NULL) + /* + * If the caller supplied a route but somehow the reference + * to it has been released need to prevent the caller + * calling RTFREE on it again. + */ + ro->ro_rt = NULL; if (have_ia_ref) ifa_free(&ia->ia_ifa); return (error);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201507292010.t6TKAbjL017213>