diff options
author | Renato Botelho <renato@netgate.com> | 2015-08-17 13:53:17 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2015-08-17 13:53:17 -0300 |
commit | b74b5b434292ee1c1c1de56c45c21632d0316f68 (patch) | |
tree | 5192171c5023fd330f705d1afb782fa37dae4d8f | |
parent | ccce5611221dc61573724f5dc3ab05ead4d4b194 (diff) | |
download | FreeBSD-src-b74b5b434292ee1c1c1de56c45c21632d0316f68.zip FreeBSD-src-b74b5b434292ee1c1c1de56c45c21632d0316f68.tar.gz |
Importing pfSense patch pf_tags_alloc.diff
-rw-r--r-- | sys/netpfil/pf/pf.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 0fcb0d7..5932dd5 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -6161,7 +6161,14 @@ pf_test(int dir, struct ifnet *ifp, struct mbuf **m0, struct inpcb *inp) if (m->m_flags & M_SKIP_FIREWALL) return (PF_PASS); - pd.pf_mtag = pf_find_mtag(m); + pd.pf_mtag = pf_get_mtag(m); + if (pd.pf_mtag == NULL) { + REASON_SET(&reason, PFRES_MEMORY); + log = 1; + DPFPRINTF(PF_DEBUG_MISC, + ("pf: dropping packet due to failed memory allocation for tags\n")); + return PF_DROP; + } PF_RULES_RLOCK(); @@ -6637,7 +6644,14 @@ pf_test6(int dir, struct ifnet *ifp, struct mbuf **m0, struct inpcb *inp) return (PF_PASS); memset(&pd, 0, sizeof(pd)); - pd.pf_mtag = pf_find_mtag(m); + pd.pf_mtag = pf_get_mtag(m); + if (pd.pf_mtag == NULL) { + REASON_SET(&reason, PFRES_MEMORY); + log = 1; + DPFPRINTF(PF_DEBUG_MISC, + ("pf: dropping packet due to failed memory allocation for tags\n")); + return PF_DROP; + } if (pd.pf_mtag && pd.pf_mtag->flags & PF_TAG_GENERATED) return (PF_PASS); |