[Midnightbsd-cvs] src: ip_output.c: In ip_ctloutput(), check for a NULL inpcb pointer
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sat May 17 14:03:08 EDT 2008
Log Message:
-----------
In ip_ctloutput(), check for a NULL inpcb pointer before dereferencing,
as this can occur with TCP if protocol-layer socket options are set or
queried after the connection has closed. There are still races
associated with ip_ctloutput() and connection close with TCP, corrected
in HEAD via a more comprehensive set of changes, but this fixes the
trivial panic reported on several occasions.
Obtained from: FreeBSD
Modified Files:
--------------
src/sys/netinet:
ip_output.c (r1.2 -> r1.3)
-------------- next part --------------
Index: ip_output.c
===================================================================
RCS file: /home/cvs/src/sys/netinet/ip_output.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L sys/netinet/ip_output.c -L sys/netinet/ip_output.c -u -r1.2 -r1.3
--- sys/netinet/ip_output.c
+++ sys/netinet/ip_output.c
@@ -1176,6 +1176,9 @@
return (EINVAL);
}
+ if (inp == NULL)
+ return (EINVAL);
+
switch (sopt->sopt_dir) {
case SOPT_SET:
switch (sopt->sopt_name) {
More information about the Midnightbsd-cvs
mailing list