hello, (07/09/14 13:54), Tyler R. Retzlaff wrote:
Module Name: src Committed By: rtr Date: Wed Jul 9 04:54:04 UTC 2014Modified Files: src/sys/compat/svr4: svr4_stream.c src/sys/kern: uipc_syscalls.c uipc_usrreq.c src/sys/net: if_gre.c link_proto.c raw_usrreq.c rtsock.c src/sys/netatalk: ddp_usrreq.c src/sys/netbt: hci_socket.c l2cap.h l2cap_socket.c l2cap_upper.c rfcomm.h rfcomm_dlc.c rfcomm_session.c rfcomm_socket.c rfcomm_upper.c sco.h sco_socket.c sco_upper.c src/sys/netinet: raw_ip.c tcp_usrreq.c udp_usrreq.c src/sys/netinet6: raw_ip6.c udp6_usrreq.c src/sys/netipsec: keysock.c src/sys/netmpls: mpls_proto.c src/sys/netnatm: natm.c src/sys/rump/net/lib/libsockin: sockin.c src/sys/sys: param.h protosw.h socketvar.h Log Message: * split PRU_PEERADDR and PRU_SOCKADDR function out of pr_generic() usrreq switches and put into separate functions xxx_{peer,sock}addr(struct socket *, struct mbuf *). - KASSERT(solocked(so)) always in new functions even if request is not implemented
At line 597, 608 in raw_ip.c rev 1.132
KASSERT(solocked(0));
These always cause null pointer dereference. -- t-hash
