Author: mmacy
Date: Sun May  6 20:32:47 2018
New Revision: 333308
URL: https://svnweb.freebsd.org/changeset/base/333308

Log:
  The ifnet pointer (ifp) in rt_newaddrmsg can be valid without ifp->if_addr
  being set if the ifnet is still live by way of a reference but
  in line for deletion. Check ifp->if_addr before dereferencing.
  
  Approved by:  sbruno

Modified:
  head/sys/net/rtsock.c

Modified: head/sys/net/rtsock.c
==============================================================================
--- head/sys/net/rtsock.c       Sun May  6 16:22:02 2018        (r333307)
+++ head/sys/net/rtsock.c       Sun May  6 20:32:47 2018        (r333308)
@@ -1411,7 +1411,10 @@ rt_newmaddrmsg(int cmd, struct ifmultiaddr *ifma)
 
        bzero((caddr_t)&info, sizeof(info));
        info.rti_info[RTAX_IFA] = ifma->ifma_addr;
-       info.rti_info[RTAX_IFP] = ifp ? ifp->if_addr->ifa_addr : NULL;
+       if (ifp && ifp->if_addr)
+               info.rti_info[RTAX_IFP] = ifp->if_addr->ifa_addr;
+       else
+               info.rti_info[RTAX_IFP] = NULL;
        /*
         * If a link-layer address is present, present it as a ``gateway''
         * (similarly to how ARP entries, e.g., are presented).
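Review bot: The new `if (ifp && ifp->if_addr)` test loads ifp->if_addr once for the check and a second time for the `->ifa_addr` dereference on the following line, and nothing in the visible lines holds a lock across the two loads. Since the log says the ifnet can be in line for deletion at this point, consider loading the pointer once into a local (for example `struct ifaddr *ifa = ifp ? ifp->if_addr : NULL;`) and then testing and dereferencing that local, or add a comment stating which lock or reference keeps if_addr stable here. Separately, the log message names rt_newaddrmsg while the hunk header places the change in rt_newmaddrmsg; a note in a follow-up would keep the history searchable.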