summaryrefslogtreecommitdiffstats
path: root/sys/netgraph
diff options
context:
space:
mode:
authormelifaro <melifaro@FreeBSD.org>2011-10-10 09:33:07 +0000
committermelifaro <melifaro@FreeBSD.org>2011-10-10 09:33:07 +0000
commit3767cab953b1940acdabb4975eef32ac2485aae0 (patch)
treea1f2c85f16d09440431b4d9173e094e182c8a2ae /sys/netgraph
parent3ec51822717892299e199836bc7027c08916e019 (diff)
downloadFreeBSD-src-3767cab953b1940acdabb4975eef32ac2485aae0.zip
FreeBSD-src-3767cab953b1940acdabb4975eef32ac2485aae0.tar.gz
Free mbuf in case when protocol in unknown in ng_ipfw_rcvdata().
This change fixes (theoretically) possible mbuf leak introduced in r225586. Reorder code a bit and change return codes to be more specific Reviewed by: glebius Approved by: kib (mentor)
Diffstat (limited to 'sys/netgraph')
-rw-r--r--sys/netgraph/ng_ipfw.c16
1 files changed, 7 insertions, 9 deletions
diff --git a/sys/netgraph/ng_ipfw.c b/sys/netgraph/ng_ipfw.c
index 4f1bc0e..117c608 100644
--- a/sys/netgraph/ng_ipfw.c
+++ b/sys/netgraph/ng_ipfw.c
@@ -242,7 +242,7 @@ ng_ipfw_rcvdata(hook_p hook, item_p item)
if (m->m_len < sizeof(struct ip) &&
(m = m_pullup(m, sizeof(struct ip))) == NULL)
- return (EINVAL);
+ return (ENOBUFS);
ip = mtod(m, struct ip *);
@@ -252,18 +252,14 @@ ng_ipfw_rcvdata(hook_p hook, item_p item)
#ifdef INET
case IPVERSION:
ip_input(m);
- break;
+ return (0);
#endif
#ifdef INET6
case IPV6_VERSION >> 4:
ip6_input(m);
- break;
+ return (0);
#endif
- default:
- NG_FREE_M(m);
- return (EINVAL);
}
- return (0);
} else {
switch (ip->ip_v) {
#ifdef INET
@@ -277,10 +273,12 @@ ng_ipfw_rcvdata(hook_p hook, item_p item)
return (ip6_output(m, NULL, NULL, 0, NULL,
NULL, NULL));
#endif
- default:
- return (EINVAL);
}
}
+
+ /* unknown IP protocol version */
+ NG_FREE_M(m);
+ return (EPROTONOSUPPORT);
}
static int
OpenPOWER on IntegriCloud