Module Name: src Committed By: martin Date: Sun Apr 1 09:20:23 UTC 2018
Modified Files: src/sys/netinet6 [netbsd-6-0]: ip6_forward.c Log Message: Pull up following revision(s) (requested by maxv in ticket #1540): sys/netinet6/ip6_forward.c: revision 1.91 (via patch) Fix two pretty bad mistakes. If ipsec6_check_policy fails m is not freed, and a 'goto out' is missing after ipsec6_process_packet. To generate a diff of this commit: cvs rdiff -u -r1.69.6.1 -r1.69.6.2 src/sys/netinet6/ip6_forward.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/netinet6/ip6_forward.c diff -u src/sys/netinet6/ip6_forward.c:1.69.6.1 src/sys/netinet6/ip6_forward.c:1.69.6.2 --- src/sys/netinet6/ip6_forward.c:1.69.6.1 Tue Mar 13 16:43:03 2018 +++ src/sys/netinet6/ip6_forward.c Sun Apr 1 09:20:22 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ip6_forward.c,v 1.69.6.1 2018/03/13 16:43:03 snj Exp $ */ +/* $NetBSD: ip6_forward.c,v 1.69.6.2 2018/04/01 09:20:22 martin Exp $ */ /* $KAME: ip6_forward.c,v 1.109 2002/09/11 08:10:17 sakane Exp $ */ /* @@ -31,7 +31,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: ip6_forward.c,v 1.69.6.1 2018/03/13 16:43:03 snj Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ip6_forward.c,v 1.69.6.2 2018/04/01 09:20:22 martin Exp $"); #include "opt_gateway.h" #include "opt_ipsec.h" @@ -361,9 +361,10 @@ ip6_forward(struct mbuf *m, int srcrt) * because we asked key management for an SA and * it was delayed (e.g. kicked up to IKE). */ - if (error == -EINVAL) - error = 0; - goto freecopy; + if (error == -EINVAL) + error = 0; + m_freem(m); + goto freecopy; } #endif /* FAST_IPSEC */ @@ -467,8 +468,10 @@ ip6_forward(struct mbuf *m, int srcrt) s = splsoftnet(); error = ipsec6_process_packet(m,sp->req); splx(s); + /* m is freed */ if (mcopy) goto freecopy; + return; } #endif