Hi Folks,

In a continuing effort to clean up some code nits in the IPv6 code,
I'd like to propose the following diffs.  Each diff is preceded by a
comment, starting with *), explaining the problem and the proposed fix.

Let me know.

Later,
George

*) Insert proper return value checking.

cvs diff: Diffing .
Index: icmp6.c
===================================================================
RCS file: /Volumes/exported/FreeBSD-CVS/src/sys/netinet6/icmp6.c,v
retrieving revision 1.61
diff -u -r1.61 icmp6.c
--- icmp6.c     14 Apr 2005 11:41:23 -0000      1.61
+++ icmp6.c     11 May 2005 18:55:03 -0000
@@ -1,4 +1,4 @@
-/*     $FreeBSD$       */
+/*     $FreeBSD: src/sys/netinet6/icmp6.c,v 1.61 2005/04/14 11:41:23 gnn Exp $ 
*/
 /*     $KAME: icmp6.c,v 1.211 2001/04/04 05:56:20 itojun Exp $ */
 
 /*-
@@ -2092,13 +2092,17 @@
        sa6_src.sin6_len = sizeof(sa6_src);
        sa6_src.sin6_addr = ip6->ip6_dst;
        in6_recoverscope(&sa6_src, &ip6->ip6_dst, m->m_pkthdr.rcvif);
-       in6_embedscope(&ip6->ip6_dst, &sa6_src, NULL, NULL);
+       if (in6_embedscope(&ip6->ip6_dst, &sa6_src, NULL, NULL)) {
+               goto bad;
+       }
        bzero(&sa6_dst, sizeof(sa6_dst));
        sa6_dst.sin6_family = AF_INET6;
        sa6_dst.sin6_len = sizeof(sa6_dst);
        sa6_dst.sin6_addr = t;
        in6_recoverscope(&sa6_dst, &t, m->m_pkthdr.rcvif);
-       in6_embedscope(&t, &sa6_dst, NULL, NULL);
+       if (in6_embedscope(&t, &sa6_dst, NULL, NULL)) {
+               goto bad;
+       }
 
 #ifdef COMPAT_RFC1885
        /*
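Review bot: The two `in6_recoverscope()` calls directly above the new checks still have their results ignored, so an address whose scope could not be recovered is passed straight on to `in6_embedscope()`. Assuming it reports failure through its return value like `in6_embedscope()` does, guard it the same way, e.g. `if (in6_recoverscope(&sa6_src, &ip6->ip6_dst, m->m_pkthdr.rcvif)) goto bad;`, and likewise for `sa6_dst`. The `bad` label lies outside the hunk, so confirm that it frees `m`. The second `goto bad` is reached after `ip6->ip6_dst` has already been rewritten, which is only harmless if the packet is discarded there.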

*) Make sure that sro is also valid before de-referencing it.

Index: in6_src.c
===================================================================
RCS file: /Volumes/exported/FreeBSD-CVS/src/sys/netinet6/in6_src.c,v
retrieving revision 1.29
diff -u -r1.29 in6_src.c
--- in6_src.c   7 Jan 2005 02:30:34 -0000       1.29
+++ in6_src.c   11 May 2005 20:09:30 -0000
@@ -454,7 +454,7 @@
 
        if ((error = in6_selectroute(dstsock, opts, mopts, ro, retifp,
                                     &rt, 0)) != 0) {
-               if (rt && rt == sro.ro_rt)
+               if (rt && sro && rt == sro.ro_rt)
                        RTFREE(rt);
                return (error);
        }
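Review bot: The added `sro &&` test cannot be correct, because the same expression reads `sro.ro_rt`: `sro` is a struct object, not a pointer, and a struct is not a valid operand of `&&`, so this line should fail to compile. The declaration is outside the hunk, but the `.` access already shows there is nothing to NULL-check. The original `if (rt && rt == sro.ro_rt)` only compares two pointer values and dereferences nothing unguarded, so I would drop this change. If the concern is that `sro` may be uninitialised on this path, fix that where it is declared.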
@@ -667,7 +667,7 @@
                 * (this may happen when we are sending a packet to one of
                 *  our own addresses.)
                 */
-               if (opts && opts->ip6po_pktinfo &&
+               if (ifp && opts && opts->ip6po_pktinfo &&
                    opts->ip6po_pktinfo->ipi6_ifindex) {
                        if (!(ifp->if_flags & IFF_LOOPBACK) &&
                            ifp->if_index !=
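Review bot: Adding `ifp &&` avoids the NULL dereference at `ifp->if_flags`, but when `ifp` is NULL a caller-supplied `ipi6_ifindex` is no longer compared against the outgoing interface at all. Whether `ifp` can be NULL here is not visible in the hunk, and the block continues past its last line. If it can, an explicit decision is safer than silently skipping the check, for example failing the request when pktinfo pins an interface and none was selected. At minimum add a comment such as `/* ifp may be NULL here (reason); the pktinfo ifindex check is skipped in that case */` so the reason this is acceptable is recorded.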

*) Make sure that rule is valid before dereferencing it.

Index: ip6_fw.c
===================================================================
RCS file: /Volumes/exported/FreeBSD-CVS/src/sys/netinet6/ip6_fw.c,v
retrieving revision 1.34
diff -u -r1.34 ip6_fw.c
--- ip6_fw.c    7 Jan 2005 02:30:34 -0000       1.34
+++ ip6_fw.c    11 May 2005 20:29:03 -0000
@@ -769,7 +769,7 @@
         * - The packet is not an ICMP packet, or is an ICMP query packet
         * - The packet is not a multicast or broadcast packet
         */
-       if ((rule->fw_flg & IPV6_FW_F_COMMAND) == IPV6_FW_F_REJECT
+       if (rule && (rule->fw_flg & IPV6_FW_F_COMMAND) == IPV6_FW_F_REJECT
            && (nxt != IPPROTO_ICMPV6 || is_icmp6_query(ip6, off))
            && !((*m)->m_flags & (M_BCAST|M_MCAST))
            && !IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
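Review bot: With the `rule &&` guard a NULL `rule` now skips the reject branch, and the hunk does not show what the code after this `if` does with the packet in that case. In a packet filter that path must fail closed: if NULL stands for "no rule matched, default policy applies", the fall-through has to end in a drop rather than an accept. `rule` must also not be dereferenced later in the function. Please confirm both against the code following the block and document the NULL case beside the check, e.g. `/* rule == NULL: default policy, no reject is generated */`.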

*) Do not bcopy if the pointer is NULL, whether or not canwait was
   set.


Index: ip6_output.c
===================================================================
RCS file: /Volumes/exported/FreeBSD-CVS/src/sys/netinet6/ip6_output.c,v
retrieving revision 1.88
diff -u -r1.88 ip6_output.c
--- ip6_output.c        18 Apr 2005 18:35:05 -0000      1.88
+++ ip6_output.c        11 May 2005 20:48:12 -0000
@@ -2603,7 +2603,7 @@
        if (src->ip6po_nexthop) {
                dst->ip6po_nexthop = malloc(src->ip6po_nexthop->sa_len,
                    M_IP6OPT, canwait);
-               if (dst->ip6po_nexthop == NULL && canwait == M_NOWAIT)
+               if (dst->ip6po_nexthop == NULL)
                        goto bad;
                bcopy(src->ip6po_nexthop, dst->ip6po_nexthop,
                    src->ip6po_nexthop->sa_len);
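Review bot: Other allocations in this function, outside the hunk, may still use the old `== NULL && canwait == M_NOWAIT` test, and only the `ip6po_nexthop` copy is fixed here. Testing only `dst->ip6po_nexthop == NULL` is the right condition, so any such siblings should be changed in the same commit, leaving no `bcopy` that can be reached with a NULL destination. The `bad` label is also outside the hunk; confirm it releases any option buffers already copied into `dst`, so that a failure partway through neither leaks them nor leaves `dst` half-populated for the caller.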