diff options
| author | rwatson <rwatson@FreeBSD.org> | 2007-12-22 10:06:11 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2007-12-22 10:06:11 +0000 |
| commit | f558a6bfd81c43e3d3dafdf2017d34992da6c6e6 (patch) | |
| tree | 2170ba032f8093d8a3815acc50967d8b11a04904 /sys/netinet | |
| parent | 265714a11e910b54123ae50206fa60c2341c5b88 (diff) | |
| download | FreeBSD-src-f558a6bfd81c43e3d3dafdf2017d34992da6c6e6.zip FreeBSD-src-f558a6bfd81c43e3d3dafdf2017d34992da6c6e6.tar.gz | |
When IPSEC fails to allocate policy state for an inpcb, and MAC is in use,
free the MAC label on the inpcb before freeing the inpcb.
MFC after: 3 days
Submitted by: tanyong <tanyong at ercist dot iscas dot ac dot cn>,
zhouzhouyi
Diffstat (limited to 'sys/netinet')
| -rw-r--r-- | sys/netinet/in_pcb.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index c1727ca..1ddc020 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -197,8 +197,12 @@ in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo) #ifdef IPSEC error = ipsec_init_policy(so, &inp->inp_sp); - if (error != 0) + if (error != 0) { +#ifdef MAC + mac_inpcb_destroy(inp); +#endif goto out; +} #endif /*IPSEC*/ #ifdef INET6 if (INP_SOCKAF(so) == AF_INET6) { |
