Date: Wed, 17 May 2023 09:09:28 GMT From: "Alexander V. Chernikov" <melifaro@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: b50e1465e88d - main - routing: plug mbuf leak for the packets hitting IPv6 blackhole route Message-ID: <202305170909.34H99Sgn057928@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by melifaro: URL: https://cgit.FreeBSD.org/src/commit/?id=b50e1465e88dcf5f6f008892d802df010e7029d1 commit b50e1465e88dcf5f6f008892d802df010e7029d1 Author: Alexander V. Chernikov <melifaro@FreeBSD.org> AuthorDate: 2023-05-17 09:06:04 +0000 Commit: Alexander V. Chernikov <melifaro@FreeBSD.org> CommitDate: 2023-05-17 09:06:04 +0000 routing: plug mbuf leak for the packets hitting IPv6 blackhole route Reported by: Dmitriy Smirnov <fox@sage.su> Tested by: Dmitriy Smirnov <fox@sage.su> MFC after: 1 day --- sys/netinet6/ip6_forward.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/sys/netinet6/ip6_forward.c b/sys/netinet6/ip6_forward.c index c8f9079e0aa7..0f7260ccd067 100644 --- a/sys/netinet6/ip6_forward.c +++ b/sys/netinet6/ip6_forward.c @@ -198,9 +198,12 @@ again: if (nh->nh_flags & (NHF_BLACKHOLE | NHF_REJECT)) { IP6STAT_INC(ip6s_cantforward); - if ((nh->nh_flags & NHF_REJECT) && (mcopy != NULL)) { - icmp6_error(mcopy, ICMP6_DST_UNREACH, - ICMP6_DST_UNREACH_REJECT, 0); + if (mcopy != NULL) { + if (nh->nh_flags & NHF_REJECT) { + icmp6_error(mcopy, ICMP6_DST_UNREACH, + ICMP6_DST_UNREACH_REJECT, 0); + } else + m_freem(mcopy); } goto bad; }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202305170909.34H99Sgn057928>