diff options
author | iedowse <iedowse@FreeBSD.org> | 2002-12-27 17:15:16 +0000 |
---|---|---|
committer | iedowse <iedowse@FreeBSD.org> | 2002-12-27 17:15:16 +0000 |
commit | f6258ba488075f7a4561dbca1e316dd438a7af5c (patch) | |
tree | 81a41f0e1b64bcb93811a2c41fdf93e40f7c939d /sys/net/bridge.c | |
parent | 4dcc4f2f7e46cbb7043c619cfe0adb6a78b936d6 (diff) | |
download | FreeBSD-src-f6258ba488075f7a4561dbca1e316dd438a7af5c.zip FreeBSD-src-f6258ba488075f7a4561dbca1e316dd438a7af5c.tar.gz |
Oops, I misread the purpose of the NULL check in EH_RESTORE() in
revision 1.62. It was checking for M_PREPEND() failing, not for the
case of a NULL mbuf pointer being supplied to the macro. Back out
that revision, and fix the NULL dereference by not calling EH_RESTORE()
in the case where the mbuf pointer is NULL because the firewall
rejected the packet.
Diffstat (limited to 'sys/net/bridge.c')
-rw-r--r-- | sys/net/bridge.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/net/bridge.c b/sys/net/bridge.c index 4915c3b..16e338f 100644 --- a/sys/net/bridge.c +++ b/sys/net/bridge.c @@ -799,11 +799,11 @@ static struct mbuf * bdg_forward(struct mbuf *m0, struct ifnet *dst) { #define EH_RESTORE(_m) do { \ + M_PREPEND((_m), ETHER_HDR_LEN, M_DONTWAIT); \ if ((_m) == NULL) { \ bdg_dropped++; \ return NULL; \ } \ - M_PREPEND((_m), ETHER_HDR_LEN, M_DONTWAIT); \ if (eh != mtod((_m), struct ether_header *)) \ bcopy(&save_eh, mtod((_m), struct ether_header *), ETHER_HDR_LEN); \ else \ @@ -959,7 +959,8 @@ bdg_forward(struct mbuf *m0, struct ifnet *dst) i = ip_fw_chk_ptr(&args); m0 = args.m; /* in case the firewall used the mbuf */ - EH_RESTORE(m0); /* restore Ethernet header */ + if (m0 != NULL) + EH_RESTORE(m0); /* restore Ethernet header */ if ( (i & IP_FW_PORT_DENY_FLAG) || m0 == NULL) /* drop */ return m0 ; |