Date: Mon, 29 Jul 2013 13:17:18 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r253769 - head/sys/netpfil/pf Message-ID: <201307291317.r6TDHIOx091064@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Mon Jul 29 13:17:18 2013 New Revision: 253769 URL: http://svnweb.freebsd.org/changeset/base/253769 Log: Fix a possible NULL-pointer dereference on the pfsync(4) reconfiguration. Reported by: Eugene M. Zheganin Modified: head/sys/netpfil/pf/if_pfsync.c Modified: head/sys/netpfil/pf/if_pfsync.c ============================================================================== --- head/sys/netpfil/pf/if_pfsync.c Mon Jul 29 12:55:37 2013 (r253768) +++ head/sys/netpfil/pf/if_pfsync.c Mon Jul 29 13:17:18 2013 (r253769) @@ -1324,7 +1324,10 @@ pfsyncioctl(struct ifnet *ifp, u_long cm else if ((sifp = ifunit_ref(pfsyncr.pfsyncr_syncdev)) == NULL) return (EINVAL); - if (pfsyncr.pfsyncr_syncpeer.s_addr == 0 && sifp != NULL) + if (sifp != NULL && ( + pfsyncr.pfsyncr_syncpeer.s_addr == 0 || + pfsyncr.pfsyncr_syncpeer.s_addr == + htonl(INADDR_PFSYNC_GROUP))) mship = malloc((sizeof(struct in_multi *) * IP_MIN_MEMBERSHIPS), M_PFSYNC, M_WAITOK | M_ZERO);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201307291317.r6TDHIOx091064>