Only set the ipfilter running state to 'not running' if we are

doing the teardown. ipf_destroy_all() may free ipfmain in case of ipf_dynamic_softc being true, thus we are avoiding a possible memory modified after free as well. Reported by: Coverity Coverity CID: 1357320 Approved by: re (hrs) MFC after: 10 days
author: bz <bz@FreeBSD.org> 2016-07-06 10:29:29 +0000
committer: bz <bz@FreeBSD.org> 2016-07-06 10:29:29 +0000
commit: a1ab1fdac648b1bbc8ef66553998da79e6257cbd (patch)
tree: 2a0ec49520bd6b4bd19d729a5459dc42a437a87e /sys/contrib
parent: e666419b2ddaa6c85eda413049841f28871675c1 (diff)
download: FreeBSD-src-a1ab1fdac648b1bbc8ef66553998da79e6257cbd.zip
FreeBSD-src-a1ab1fdac648b1bbc8ef66553998da79e6257cbd.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/contrib/ipfilter/netinet/mlfk_ipl.c b/sys/contrib/ipfilter/netinet/mlfk_ipl.c
index d8c40cd..3713911 100644
--- a/sys/contrib/ipfilter/netinet/mlfk_ipl.c
+++ b/sys/contrib/ipfilter/netinet/mlfk_ipl.c
@@ -291,13 +291,14 @@ vnet_ipf_uninit(void)
 		return;
 
 	if (V_ipfmain.ipf_running >= 0) {
+
 		if (ipfdetach(&V_ipfmain) != 0)
 			return;
 
+		V_ipfmain.ipf_running = -2;
+
 		ipf_destroy_all(&V_ipfmain);
 	}
-
-	V_ipfmain.ipf_running = -2;
 }
 VNET_SYSUNINIT(vnet_ipf_uninit, SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD,
     vnet_ipf_uninit, NULL);
author	bz <bz@FreeBSD.org>	2016-07-06 10:29:29 +0000
committer	bz <bz@FreeBSD.org>	2016-07-06 10:29:29 +0000
commit	a1ab1fdac648b1bbc8ef66553998da79e6257cbd (patch)
tree	2a0ec49520bd6b4bd19d729a5459dc42a437a87e /sys/contrib
parent	e666419b2ddaa6c85eda413049841f28871675c1 (diff)
download	FreeBSD-src-a1ab1fdac648b1bbc8ef66553998da79e6257cbd.zip FreeBSD-src-a1ab1fdac648b1bbc8ef66553998da79e6257cbd.tar.gz