diff options
author | kensmith <kensmith@FreeBSD.org> | 2007-09-10 14:49:32 +0000 |
---|---|---|
committer | kensmith <kensmith@FreeBSD.org> | 2007-09-10 14:49:32 +0000 |
commit | 671d1148baa54b3f01b13286628a41a291d4800c (patch) | |
tree | 4573fae84c25741911abf72eef788c07742a1363 | |
parent | 200ce01ddb957dd8fd63c9d365d1cbfd06024f01 (diff) | |
download | FreeBSD-src-671d1148baa54b3f01b13286628a41a291d4800c.zip FreeBSD-src-671d1148baa54b3f01b13286628a41a291d4800c.tar.gz |
Make sure that either inp is NULL or we have obtained a lock on it before
jumping to dropunlock to avoid a panic. While here move the calls to
ipsec4_in_reject() and ipsec6_in_reject() so they are after we obtain
the lock on inp.
Original patch to avoid panic: pjd
Review of locking adjustments: gnn, sam
Approved by: re (rwatson)
-rw-r--r-- | sys/netinet/tcp_input.c | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 42d8147..f114bfd 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -448,19 +448,6 @@ findpcb: m->m_pkthdr.rcvif); } -#ifdef IPSEC -#ifdef INET6 - if (isipv6 && inp != NULL && ipsec6_in_reject(m, inp)) { - ipsec6stat.in_polvio++; - goto dropunlock; - } else -#endif /* INET6 */ - if (inp != NULL && ipsec4_in_reject(m, inp)) { - ipsec4stat.in_polvio++; - goto dropunlock; - } -#endif /* IPSEC */ - /* * If the INPCB does not exist then all data in the incoming * segment is discarded and an appropriate RST is sent back. @@ -489,6 +476,19 @@ findpcb: } INP_LOCK(inp); +#ifdef IPSEC +#ifdef INET6 + if (isipv6 && ipsec6_in_reject(m, inp)) { + ipsec6stat.in_polvio++; + goto dropunlock; + } else +#endif /* INET6 */ + if (ipsec4_in_reject(m, inp) != 0) { + ipsec4stat.in_polvio++; + goto dropunlock; + } +#endif /* IPSEC */ + /* * Check the minimum TTL for socket. */ |