Date: Mon, 11 Mar 2019 10:33:32 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r345003 - head/sys/netpfil/ipfw/nat64 Message-ID: <201903111033.x2BAXW5q079058@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Mon Mar 11 10:33:32 2019 New Revision: 345003 URL: https://svnweb.freebsd.org/changeset/base/345003 Log: Add NULL pointer check to nat64_output(). It is possible, that a processed packet was originated by local host, in this case m->m_pkthdr.rcvif is NULL. Check and set it to V_loif to avoid NULL pointer dereference in IP input code, since it is expected that packet has valid receiving interface when netisr processes it. Obtained from: Yandex LLC MFC after: 1 week Sponsored by: Yandex LLC Modified: head/sys/netpfil/ipfw/nat64/nat64_translate.c Modified: head/sys/netpfil/ipfw/nat64/nat64_translate.c ============================================================================== --- head/sys/netpfil/ipfw/nat64/nat64_translate.c Mon Mar 11 08:30:29 2019 (r345002) +++ head/sys/netpfil/ipfw/nat64/nat64_translate.c Mon Mar 11 10:33:32 2019 (r345003) @@ -219,6 +219,8 @@ nat64_output(struct ifnet *ifp, struct mbuf *m, struct } if (logdata != NULL) nat64_log(logdata, m, af); + if (m->m_pkthdr.rcvif == NULL) + m->m_pkthdr.rcvif = V_loif; ret = netisr_queue(ret, m); if (ret != 0) NAT64STAT_INC(stats, oerrors);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903111033.x2BAXW5q079058>