Date: Sun, 19 Apr 2015 12:49:31 +0000 (UTC) From: "Alexander V. Chernikov" <melifaro@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r281740 - head/sbin/ipfw Message-ID: <201504191249.t3JCnVPX044602@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: melifaro Date: Sun Apr 19 12:49:30 2015 New Revision: 281740 URL: https://svnweb.freebsd.org/changeset/base/281740 Log: Fix use-after-free. Reported by: Coverity Scan, pfg CID: 1245747 Modified: head/sbin/ipfw/nat.c Modified: head/sbin/ipfw/nat.c ============================================================================== --- head/sbin/ipfw/nat.c Sun Apr 19 12:11:07 2015 (r281739) +++ head/sbin/ipfw/nat.c Sun Apr 19 12:49:30 2015 (r281740) @@ -1008,11 +1008,10 @@ nat_foreach(nat_cb_t *f, void *arg, int olh->size = sz; if (do_get3(IP_FW_NAT44_LIST_NAT, &olh->opheader, &sz) != 0) { + sz = olh->size; free(olh); - if (errno == ENOMEM) { - sz = olh->size; + if (errno == ENOMEM) continue; - } return (errno); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201504191249.t3JCnVPX044602>