Date: Sat, 6 Oct 2012 07:06:58 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r241244 - head/sys/netpfil/pf Message-ID: <201210060706.q9676wpo017272@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Sat Oct 6 07:06:57 2012 New Revision: 241244 URL: http://svn.freebsd.org/changeset/base/241244 Log: The pfil(9) layer guarantees us presence of the protocol header, so remove extra check, that is always false. P.S. Also, goto there lead to unlocking a not locked rwlock. Modified: head/sys/netpfil/pf/pf.c Modified: head/sys/netpfil/pf/pf.c ============================================================================== --- head/sys/netpfil/pf/pf.c Sat Oct 6 06:07:33 2012 (r241243) +++ head/sys/netpfil/pf/pf.c Sat Oct 6 07:06:57 2012 (r241244) @@ -5620,13 +5620,6 @@ pf_test(int dir, struct ifnet *ifp, stru if (m->m_flags & M_SKIP_FIREWALL) return (PF_PASS); - if (m->m_pkthdr.len < (int)sizeof(struct ip)) { - action = PF_DROP; - REASON_SET(&reason, PFRES_SHORT); - log = 1; - goto done; - } - pd.pf_mtag = pf_find_mtag(m); PF_RULES_RLOCK(); @@ -5992,13 +5985,6 @@ pf_test6(int dir, struct ifnet *ifp, str if (kif->pfik_flags & PFI_IFLAG_SKIP) return (PF_PASS); - if (m->m_pkthdr.len < (int)sizeof(*h)) { - action = PF_DROP; - REASON_SET(&reason, PFRES_SHORT); - log = 1; - goto done; - } - PF_RULES_RLOCK(); /* We do IP header normalization and packet reassembly here */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201210060706.q9676wpo017272>