Module Name:    src
Committed By:   riastradh
Date:           Thu Mar 27 11:00:50 UTC 2025

Modified Files:
        src/sys/kern: uipc_usrreq.c

Log Message:
unp_accept: Fix assertion in SS_ISCONNECTING case.

This null test matches the assertion inside soisconnected.

In this context, so2 must also be locked, and we no longer assert so
directly here -- but the assertions never worked as far as I can tell
since they were added in 2008, and soisconnected already asserts
solocked(so2), so this is fine.

(Not doing this via xfail test because it crashes the whole test bed
when the assertion fires, but the test that tripped this assertion is
coming shortly.)

PR kern/59220: accept(2): null pointer deref


To generate a diff of this commit:
cvs rdiff -u -r1.207 -r1.208 src/sys/kern/uipc_usrreq.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/uipc_usrreq.c
diff -u src/sys/kern/uipc_usrreq.c:1.207 src/sys/kern/uipc_usrreq.c:1.208
--- src/sys/kern/uipc_usrreq.c:1.207	Sat Dec  7 02:31:14 2024
+++ src/sys/kern/uipc_usrreq.c	Thu Mar 27 11:00:50 2025
@@ -1,4 +1,4 @@
-/*	$NetBSD: uipc_usrreq.c,v 1.207 2024/12/07 02:31:14 riastradh Exp $	*/
+/*	$NetBSD: uipc_usrreq.c,v 1.208 2025/03/27 11:00:50 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 1998, 2000, 2004, 2008, 2009, 2020 The NetBSD Foundation, Inc.
@@ -96,7 +96,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uipc_usrreq.c,v 1.207 2024/12/07 02:31:14 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uipc_usrreq.c,v 1.208 2025/03/27 11:00:50 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_compat_netbsd.h"
@@ -839,8 +839,8 @@ unp_accept(struct socket *so, struct soc
 	}
 	so2 = unp->unp_conn->unp_socket;
 	if (so2->so_state & SS_ISCONNECTING) {
-		KASSERT(solocked2(so, so->so_head));
-		KASSERT(solocked2(so2, so->so_head));
+		KASSERT(so->so_head == NULL || solocked2(so, so->so_head));
+		KASSERT(so->so_head == NULL || solocked2(so2, so->so_head));
 		soisconnected(so2);
 	}
 	/*
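Review bot: In the SS_ISCONNECTING branch of unp_accept, both new KASSERTs pass trivially when so->so_head == NULL, so in that case nothing at this call site checks the lock state of so2 before soisconnected(so2). The log message relies on soisconnected asserting solocked(so2) itself. Consider stating that requirement here as well with an unconditional KASSERT(solocked(so2)) ahead of the two conditional assertions, so the invariant stays visible at the call site if soisconnected ever changes. A short comment saying when so->so_head can be NULL on this path would also help, since the hunk does not explain it and the log message notes the old assertions never worked since they were added in 2008.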
