Date: Tue, 12 Sep 2006 12:28:02 GMT From: Paolo Pisati <piso@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 106010 for review Message-ID: <200609121228.k8CCS24V025185@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=106010 Change 106010 by piso@piso_longino on 2006/09/12 12:27:59 -correctly release the rlock on nat_chain_rwl in case something goes wrong with the nat action -use a nat counter (nat_cnt) to keep track of all the nat instances -white space cleanup Affected files ... .. //depot/projects/soc2005/libalias/sbin/ipfw/ipfw2.c#8 edit .. //depot/projects/soc2005/libalias/sys/netinet/ip_fw2.c#13 edit Differences ... ==== //depot/projects/soc2005/libalias/sbin/ipfw/ipfw2.c#8 (text+ko) ==== @@ -5830,7 +5830,7 @@ struct cfg_nat *n; struct cfg_redir *e; int cmd, i, nbytes, do_cfg, do_rule = 0, frule, lrule, nalloc = 1024, - size = 0, loop, r; + size = 0, nat_cnt, r; u_int8_t *data = NULL, *p; char **lav, *endptr; @@ -5864,10 +5864,9 @@ if (nbytes == 0) exit(0); if (do_cfg) { - for (i = 0, loop = 1; loop; ) { + nat_cnt = *((int *)data); + for (i = sizeof(nat_cnt); nat_cnt; nat_cnt--) { n = (struct cfg_nat *)&data[i]; - if (n->next == NULL) - loop = 0; if (do_rule) if (!(frule <= n->id && lrule >= n->id)) continue; ==== //depot/projects/soc2005/libalias/sys/netinet/ip_fw2.c#13 (text+ko) ==== @@ -3420,16 +3420,17 @@ struct mbuf *mcl; /* XXX - libalias duct tape */ int ldt = 0; - char *c; + char *c; args->rule = f; /* Report matching rule. */ retval = 0; t = ((ipfw_insn_nat *)cmd)->nat; + NAT_RLOCK(&nat_chain_rwl); if (t == NULL) { - NAT_RLOCK(&nat_chain_rwl); t = lookup_nat(cmd->arg1); if (t == NULL) { retval = IP_FW_DENY; + NAT_RUNLOCK(&nat_chain_rwl); goto done; } else ((ipfw_insn_nat *)cmd)->nat = t; @@ -3495,6 +3496,7 @@ /* XXX - should i add some logging? */ m_free(mcl); badnat: + NAT_RUNLOCK(&nat_chain_rwl); args->m = NULL; retval = IP_FW_DENY; goto done; @@ -4599,9 +4601,9 @@ add_redir_spool_cfg(&buf[(sizeof(struct cfg_nat))], ptr); /* Add new entries. */ free(buf, M_IPFW); - NAT_WLOCK(&nat_chain_rwl); + NAT_WLOCK(&nat_chain_rwl); HOOK_NAT(&nat_chain, ptr); - NAT_WUNLOCK(&nat_chain_rwl); + NAT_WUNLOCK(&nat_chain_rwl); } break; @@ -4636,14 +4638,16 @@ int sof_nat = sizeof(struct cfg_nat); int sof_redir = sizeof(struct cfg_redir); int sof_spool = sizeof(struct cfg_spool); - int off = 0; - + int nat_cnt = 0, off = sizeof(nat_cnt); + + printf("NAT_GET_CONFIG\n"); data = malloc(NAT_BUF_LEN, M_IPFW, M_NOWAIT | M_ZERO); if (data == NULL) return (ENOSPC); NAT_RLOCK(&nat_chain_rwl); /* Serialize all the data. */ LIST_FOREACH(n, &nat_chain, _next) { + nat_cnt++; if (off + sof_nat < NAT_BUF_LEN) { bcopy(n, &data[off], sof_nat); off += sof_nat; @@ -4664,9 +4668,11 @@ } else goto nospace; } + bcopy(&nat_cnt, data, sizeof(nat_cnt)); NAT_RUNLOCK(&nat_chain_rwl); error = sooptcopyout(sopt, data, NAT_BUF_LEN); free(data, M_IPFW); + break; nospace: NAT_RUNLOCK(&nat_chain_rwl); printf("serialized data buffer not big enough: please increase NAT_BUF_LEN\n");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200609121228.k8CCS24V025185>