Date: Fri, 11 Aug 2000 22:00:41 +0900 From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= <jinmei@isl.rdc.toshiba.co.jp> To: net@FreeBSD.ORG Subject: a serious bug fix about IPv6 for 4.1 and current Message-ID: <y7v7l9oc5qe.wl@condor.isl.rdc.toshiba.co.jp>
next in thread | raw e-mail | index | archive | help
Hello,
We recently found a serios bug, which might cause kernel crash, in
IPv6 code developed by the KAME project. Unfortunately, the bug has
been merged into FreeBSD 4.1 (and current), and we confirmed kernel
crash could happen on "pure" FreeBSD 4.1, too.
The attached is a patch for FreeBSD 4.1 to fix the problem. If you
enable IPv6 on FreeBSD 4.1 or current, please be sure to apply the
fix. Also, I believe that it should be merged into the FreeBSD
repository (I can't do this by myself, since I'm not a
committer. Sorry about that).
I'd really apologize for the messy bug.
JINMEI, Tatuya
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.
jinmei@isl.rdc.toshiba.co.jp
*** nd6_rtr.c.orig Fri Aug 11 21:55:40 2000
--- nd6_rtr.c Fri Aug 11 21:56:34 2000
***************
*** 549,557 ****
#ifdef ND6_USE_RTSOCK
defrouter_msg(RTM_DELETE, oldrt);
#endif
! if (oldrt->rt_refcnt <= 0)
! oldrt->rt_refcnt++; /* XXX */
! rtfree(oldrt);
}
if (dofree) /* XXX: necessary? */
--- 549,562 ----
#ifdef ND6_USE_RTSOCK
defrouter_msg(RTM_DELETE, oldrt);
#endif
! if (oldrt->rt_refcnt <= 0) {
! /*
! * XXX: borrowed from the RTM_DELETE case of
! * rtrequest().
! */
! oldrt->rt_refcnt++;
! rtfree(oldrt);
! }
}
if (dofree) /* XXX: necessary? */
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?y7v7l9oc5qe.wl>