Module Name: src
Committed By: ozaki-r
Date: Tue Jun 28 02:02:56 UTC 2016
Modified Files:
src/sys/net: if_pppoe.c
src/sys/netinet: if_arp.c igmp.c ip_input.c
src/sys/netinet6: icmp6.c in6_gif.c ip6_forward.c
Log Message:
Add missing NULL checks for m_get_rcvif_psref
To generate a diff of this commit:
cvs rdiff -u -r1.109 -r1.110 src/sys/net/if_pppoe.c
cvs rdiff -u -r1.212 -r1.213 src/sys/netinet/if_arp.c
cvs rdiff -u -r1.59 -r1.60 src/sys/netinet/igmp.c
cvs rdiff -u -r1.329 -r1.330 src/sys/netinet/ip_input.c
cvs rdiff -u -r1.189 -r1.190 src/sys/netinet6/icmp6.c
cvs rdiff -u -r1.74 -r1.75 src/sys/netinet6/in6_gif.c
cvs rdiff -u -r1.79 -r1.80 src/sys/netinet6/ip6_forward.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_pppoe.c
diff -u src/sys/net/if_pppoe.c:1.109 src/sys/net/if_pppoe.c:1.110
--- src/sys/net/if_pppoe.c:1.109 Mon Jun 20 06:46:37 2016
+++ src/sys/net/if_pppoe.c Tue Jun 28 02:02:56 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: if_pppoe.c,v 1.109 2016/06/20 06:46:37 knakahara Exp $ */
+/* $NetBSD: if_pppoe.c,v 1.110 2016/06/28 02:02:56 ozaki-r Exp $ */
/*-
* Copyright (c) 2002, 2008 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.109 2016/06/20 06:46:37 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.110 2016/06/28 02:02:56 ozaki-r Exp $");
#include "pppoe.h"
@@ -803,6 +803,8 @@ pppoe_data_input(struct mbuf *m)
session = ntohs(ph->session);
rcvif = m_get_rcvif_psref(m, &psref);
+ if (__predict_false(rcvif == NULL))
+ goto drop;
sc = pppoe_find_softc_by_session(session, rcvif);
if (sc == NULL) {
#ifdef PPPOE_TERM_UNKNOWN_SESSIONS
Index: src/sys/netinet/if_arp.c
diff -u src/sys/netinet/if_arp.c:1.212 src/sys/netinet/if_arp.c:1.213
--- src/sys/netinet/if_arp.c:1.212 Mon Jun 20 06:46:38 2016
+++ src/sys/netinet/if_arp.c Tue Jun 28 02:02:56 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: if_arp.c,v 1.212 2016/06/20 06:46:38 knakahara Exp $ */
+/* $NetBSD: if_arp.c,v 1.213 2016/06/28 02:02:56 ozaki-r Exp $ */
/*-
* Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc.
@@ -68,7 +68,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.212 2016/06/20 06:46:38 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.213 2016/06/28 02:02:56 ozaki-r Exp $");
#ifdef _KERNEL_OPT
#include "opt_ddb.h"
@@ -981,6 +981,8 @@ in_arpinput(struct mbuf *m)
op = ntohs(ah->ar_op);
rcvif = ifp = m_get_rcvif_psref(m, &psref);
+ if (__predict_false(rcvif == NULL))
+ goto drop;
/*
* Fix up ah->ar_hrd if necessary, before using ar_tha() or
* ar_tpa().
Index: src/sys/netinet/igmp.c
diff -u src/sys/netinet/igmp.c:1.59 src/sys/netinet/igmp.c:1.60
--- src/sys/netinet/igmp.c:1.59 Tue Jun 21 03:28:27 2016
+++ src/sys/netinet/igmp.c Tue Jun 28 02:02:56 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: igmp.c,v 1.59 2016/06/21 03:28:27 ozaki-r Exp $ */
+/* $NetBSD: igmp.c,v 1.60 2016/06/28 02:02:56 ozaki-r Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -40,7 +40,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: igmp.c,v 1.59 2016/06/21 03:28:27 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: igmp.c,v 1.60 2016/06/28 02:02:56 ozaki-r Exp $");
#ifdef _KERNEL_OPT
#include "opt_mrouting.h"
@@ -236,6 +236,9 @@ igmp_input(struct mbuf *m, ...)
m->m_len += iphlen;
ifp = m_get_rcvif_psref(m, &psref);
+ if (__predict_false(ifp == NULL))
+ goto drop;
+
switch (igmp->igmp_type) {
case IGMP_HOST_MEMBERSHIP_QUERY:
Index: src/sys/netinet/ip_input.c
diff -u src/sys/netinet/ip_input.c:1.329 src/sys/netinet/ip_input.c:1.330
--- src/sys/netinet/ip_input.c:1.329 Fri Jun 10 13:31:44 2016
+++ src/sys/netinet/ip_input.c Tue Jun 28 02:02:56 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_input.c,v 1.329 2016/06/10 13:31:44 ozaki-r Exp $ */
+/* $NetBSD: ip_input.c,v 1.330 2016/06/28 02:02:56 ozaki-r Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.329 2016/06/10 13:31:44 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.330 2016/06/28 02:02:56 ozaki-r Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -383,6 +383,8 @@ ip_input(struct mbuf *m)
KASSERT((m->m_flags & M_PKTHDR) != 0);
ifp = m_get_rcvif_psref(m, &psref);
+ if (__predict_false(ifp == NULL))
+ goto bad;
/*
* If no IP addresses have been set yet but the interfaces
@@ -1060,6 +1062,11 @@ ip_dooptions(struct mbuf *m)
}
rcvif = m_get_rcvif_psref(m, &psref);
+ if (__predict_false(rcvif == NULL)) {
+ type = ICMP_UNREACH;
+ code = ICMP_UNREACH_HOST;
+ goto bad;
+ }
ip_forward(m, 1, rcvif);
m_put_rcvif_psref(rcvif, &psref);
return true;
@@ -1387,6 +1394,9 @@ ip_savecontrol(struct inpcb *inp, struct
struct psref psref;
ifp = m_get_rcvif_psref(m, &psref);
+ if (__predict_false(ifp == NULL))
+ return; /* XXX should report error? */
+
if (so->so_options & SO_TIMESTAMP
#ifdef SO_OTIMESTAMP
|| so->so_options & SO_OTIMESTAMP
Index: src/sys/netinet6/icmp6.c
diff -u src/sys/netinet6/icmp6.c:1.189 src/sys/netinet6/icmp6.c:1.190
--- src/sys/netinet6/icmp6.c:1.189 Tue Jun 21 10:25:27 2016
+++ src/sys/netinet6/icmp6.c Tue Jun 28 02:02:56 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: icmp6.c,v 1.189 2016/06/21 10:25:27 ozaki-r Exp $ */
+/* $NetBSD: icmp6.c,v 1.190 2016/06/28 02:02:56 ozaki-r Exp $ */
/* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.189 2016/06/21 10:25:27 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.190 2016/06/28 02:02:56 ozaki-r Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -457,6 +457,9 @@ icmp6_input(struct mbuf **mp, int *offp,
struct psref psref;
rcvif = m_get_rcvif_psref(m, &psref);
+ if (__predict_false(rcvif == NULL))
+ goto freeit;
+
#define ICMP6_MAXLEN (sizeof(*nip6) + sizeof(*nicmp6) + 4)
KASSERT(ICMP6_MAXLEN < MCLBYTES);
icmp6_ifstat_inc(rcvif, ifs6_in_msg);
Index: src/sys/netinet6/in6_gif.c
diff -u src/sys/netinet6/in6_gif.c:1.74 src/sys/netinet6/in6_gif.c:1.75
--- src/sys/netinet6/in6_gif.c:1.74 Fri Jun 10 13:31:44 2016
+++ src/sys/netinet6/in6_gif.c Tue Jun 28 02:02:56 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: in6_gif.c,v 1.74 2016/06/10 13:31:44 ozaki-r Exp $ */
+/* $NetBSD: in6_gif.c,v 1.75 2016/06/28 02:02:56 ozaki-r Exp $ */
/* $KAME: in6_gif.c,v 1.62 2001/07/29 04:27:25 itojun Exp $ */
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: in6_gif.c,v 1.74 2016/06/10 13:31:44 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6_gif.c,v 1.75 2016/06/28 02:02:56 ozaki-r Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -231,7 +231,7 @@ in6_gif_input(struct mbuf **mp, int *off
struct psref psref;
struct ifnet *rcvif = m_get_rcvif_psref(m, &psref);
- if (!gif_validate6(ip6, sc, rcvif)) {
+ if (rcvif == NULL || !gif_validate6(ip6, sc, rcvif)) {
m_put_rcvif_psref(rcvif, &psref);
m_freem(m);
IP6_STATINC(IP6_STAT_NOGIF);
Index: src/sys/netinet6/ip6_forward.c
diff -u src/sys/netinet6/ip6_forward.c:1.79 src/sys/netinet6/ip6_forward.c:1.80
--- src/sys/netinet6/ip6_forward.c:1.79 Fri Jun 10 13:31:44 2016
+++ src/sys/netinet6/ip6_forward.c Tue Jun 28 02:02:56 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: ip6_forward.c,v 1.79 2016/06/10 13:31:44 ozaki-r Exp $ */
+/* $NetBSD: ip6_forward.c,v 1.80 2016/06/28 02:02:56 ozaki-r Exp $ */
/* $KAME: ip6_forward.c,v 1.109 2002/09/11 08:10:17 sakane Exp $ */
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_forward.c,v 1.79 2016/06/10 13:31:44 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_forward.c,v 1.80 2016/06/28 02:02:56 ozaki-r Exp $");
#ifdef _KERNEL_OPT
#include "opt_gateway.h"
@@ -146,6 +146,9 @@ ip6_forward(struct mbuf *m, int srcrt)
m->m_pkthdr.csum_flags = 0;
rcvif = m_get_rcvif_psref(m, &psref);
+ if (__predict_false(rcvif == NULL))
+ goto drop;
+
/*
* Do not forward packets to multicast destination (should be handled
* by ip6_mforward().
