Hi,
Christiano Haesbaert has sent me this diff.
They are setting pkt_sk to NULL if pkt_sk->reverse is not
pf_state_key_isvalid(), but the chunk that creates the pkt_sk->reverse
link actually depends on pkt_sk != NULL.
I think it is correct.
ok?
bluhm
Index: net/pf.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/net/pf.c,v
retrieving revision 1.1004
diff -u -p -u -p -r1.1004 pf.c
--- net/pf.c 6 Dec 2016 00:01:55 -0000 1.1004
+++ net/pf.c 23 Dec 2016 14:19:26 -0000
@@ -1002,13 +1002,14 @@ pf_find_state(struct pfi_kif *kif, struc
if (dir == PF_OUT) {
/* first if block deals with outbound forwarded packet */
pkt_sk = m->m_pkthdr.pf.statekey;
- if (pf_state_key_isvalid(pkt_sk) &&
- pf_state_key_isvalid(pkt_sk->reverse)) {
- sk = pkt_sk->reverse;
- } else {
+
+ if (!pf_state_key_isvalid(pkt_sk)) {
pf_pkt_unlink_state_key(m);
pkt_sk = NULL;
}
+
+ if (pkt_sk && pf_state_key_isvalid(pkt_sk->reverse))
+ sk = pkt_sk->reverse;
if (pkt_sk == NULL) {
/* here we deal with local outbound packet */
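Review bot: the case "pkt_sk valid, pkt_sk->reverse not valid" changes behaviour and deserves a comment in the code. Before this hunk that case took the else branch, called pf_pkt_unlink_state_key(m) and set pkt_sk = NULL, so the packet fell into the local-outbound path below; after it, pkt_sk stays linked to the mbuf, sk is left unset by the new `if (pkt_sk && pf_state_key_isvalid(pkt_sk->reverse))` line, and the `if (pkt_sk == NULL)` block is skipped. That is the intent described in the mail (let the later code that creates the reverse link run with a non-NULL pkt_sk), but nothing in the source says so; a one-line comment above the new check, e.g. "keep a valid pkt_sk even if its reverse is stale so the reverse link can be (re)created", would save the next reader from reading it as a missed cleanup. Also note the hunk header promises 14 new-side lines and the posting shows 13, so the trailing context, including the code that consumes pkt_sk and sk, is cut off here and the claim about that dependency cannot be checked from the visible lines.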