netinet6: Don't calculate offset on ICMP6 NI query if the copied mbuf is null
Abandoned, Public

Authored by neel_neelc.org on May 30 2020, 7:30 PM.

Details

Reviewers
hrs
Summary

netinet6: Don't calculate offset on ICMP6 NI query if the copied mbuf is null.

Submitted by: Neel Chauhan <neel AT neelc DOT org>

Diff Detail

Repository
rS FreeBSD src repository
Lint
Lint Skipped
Unit
Unit Tests Skipped

Event Timeline

neel_neelc.org created this revision. May 30 2020, 7:30 PM
neel_neelc.org requested review of this revision. May 30 2020, 7:30 PM

I'd suggest stopping processing at this place.

sys/netinet6/icmp6.c
659

The handling of "n == NULL" is not consistent.
Instead of stopping processing like below, some variables stay unset.

682–685

Here the "n == NULL" case is simple: stop processing.

723

If variables are still unset, prevent processing.

hrs requested changes to this revision. Jun 23 2020, 12:05 PM
hrs added a subscriber: hrs.

Adding the following two lines between the invocation of ni6_input() and the "noff =" line is simpler. This noff line was added to suppress an "uninitialized variable" warning a long time ago, and the proposed change reverts it effectively while the code paths have no problem.

if (n)
        n = ni6_input(n, off);
if (n == NULL)
        break;
noff = sizeof(struct ip6_hdr);

This revision now requires changes to proceed. Jun 23 2020, 12:05 PM
neel_neelc.org marked 3 inline comments as done.

Good catch.

I'm not an expert in the kernel, sorry.

neel_neelc.org abandoned this revision. Jun 24 2020, 3:21 PM