Date:      Wed, 29 Aug 2007 14:24:05 +0900
From:      "George V. Neville-Neil" <gnn@neville-neil.com>
To:        "George V. Neville-Neil" <gnn@neville-neil.com>
Cc:        "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, freebsd-net@freebsd.org, blue <susan.lan@zyxel.com.tw>, JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp>
Subject:   Re: infinite loop in esp6_ctlinput()?
Message-ID:  <m28x7uoqve.wl%gnn@neville-neil.com>
In-Reply-To: <m2lkbvnl4q.wl%gnn@neville-neil.com>
References:  <46D38543.4020507@zyxel.com.tw> <m11wdote2t.wl%jinmei@isl.rdc.toshiba.co.jp> <46D3B747.1090903@zyxel.com.tw> <20070828092348.Y87821@maildrop.int.zabbadoz.net> <46D40BB7.4060100@zyxel.com.tw> <m1tzqjsmog.wl%jinmei@isl.rdc.toshiba.co.jp> <m2lkbvnl4q.wl%gnn@neville-neil.com>

Hi,

Please try the attached patch, which mimics exactly what the Kame code
used to do.  I have not fully tested it, but it builds and runs.

I will need some time to reproduce the panic you saw on one of my
boxes.  If you can tell me the steps you took to get that to happen
that would be great.

Best,
George


==== //depot/user/gnn/ipsec_seven/src/sys/netipsec/ipsec_input.c#1 - /home/gnn/user/gnn/ipsec_seven/src/sys/netipsec/ipsec_input.c ====
@@ -761,6 +761,11 @@
 void
 esp6_ctlinput(int cmd, struct sockaddr *sa, void *d)
 {
+       struct ip6ctlparam *ip6cp = NULL;
+       struct mbuf *m = NULL;
+       struct ip6_hdr *ip6;
+       int off;
+
        if (sa->sa_family != AF_INET6 ||
            sa->sa_len != sizeof(struct sockaddr_in6))
                return;
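
Review bot: The declarations hoisted to the top of esp6_ctlinput() are initialised inconsistently: ip6cp and m start as NULL while ip6 and off are left unset. The following hunk assigns m, ip6 and off on both branches of the d != NULL test, so either drop the initialisers here or also initialise ip6 to NULL and off to 0, so that no path depends on which of the two places did the setup.
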
@@ -768,10 +773,18 @@
                return;
 
        /* if the parameter is from icmp6, decode it. */
-       if (d !=  NULL) {
-               struct ip6ctlparam *ip6cp = (struct ip6ctlparam *)d;
-               struct mbuf *m = ip6cp->ip6c_m;
-               int off = ip6cp->ip6c_off;
+       if (d != NULL) {
+               ip6cp = (struct ip6ctlparam *)d;
+               m = ip6cp->ip6c_m;
+               ip6 = ip6cp->ip6c_ip6;
+               off = ip6cp->ip6c_off;
+       } else {
+               m = NULL;
+               ip6 = NULL;
+               off = 0;        /* calm gcc */
+       }
+
+       if (ip6) {
 
                struct ip6ctlparam ip6cp1;
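
Review bot: The guard on the decode block changes from d != NULL to if (ip6), so a call with a non-NULL d whose ip6cp->ip6c_ip6 is NULL now skips the block silently; a short comment saying why ip6 is the condition would make that intent clear. m is not checked in the visible lines, so if the rest of the block dereferences m it should test m != NULL as well. Style points: write the test as if (ip6 != NULL) to match if (d != NULL) above, drop the blank line after the opening brace, and remove m = NULL from the else branch, which repeats the initialiser at the declaration.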


