Date: Tue, 10 Dec 2019 10:35:32 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r355581 - head/sys/netpfil/ipfw Message-ID: <201912101035.xBAAZWen063061@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Tue Dec 10 10:35:32 2019 New Revision: 355581 URL: https://svnweb.freebsd.org/changeset/base/355581 Log: Avoid access to stale ip pointer and call UPDATE_POINTERS() after PULLUP_LEN_LOCKED(). PULLUP_LEN_LOCKED() could update mbuf and thus we need to update related pointers that can be used in next opcodes. Reported by: Maxime Villard <max at m00nbsd net> MFC after: 1 week Modified: head/sys/netpfil/ipfw/ip_fw2.c Modified: head/sys/netpfil/ipfw/ip_fw2.c ============================================================================== --- head/sys/netpfil/ipfw/ip_fw2.c Tue Dec 10 08:16:19 2019 (r355580) +++ head/sys/netpfil/ipfw/ip_fw2.c Tue Dec 10 10:35:32 2019 (r355581) @@ -1465,7 +1465,8 @@ do { \ #define PULLUP_LEN(_len, p, T) _PULLUP_LOCKED(_len, p, T, ) #define PULLUP_LEN_LOCKED(_len, p, T) \ - _PULLUP_LOCKED(_len, p, T, IPFW_PF_RUNLOCK(chain)) + _PULLUP_LOCKED(_len, p, T, IPFW_PF_RUNLOCK(chain)); \ + UPDATE_POINTERS() /* * In case pointers got stale after pullups, update them. */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912101035.xBAAZWen063061>