Differential D2824

Merge r284222, r284260
ClosedPublic
Actions

Authored by kp on Jun 15 2015, 10:30 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Mar 28 2024, 8:19 AM

	Unknown Object (File)
	Feb 7 2024, 7:38 AM

	Unknown Object (File)
	Dec 19 2023, 11:33 PM

	Unknown Object (File)
	Dec 17 2023, 7:14 AM

	Unknown Object (File)
	Sep 28 2023, 5:47 AM

	Unknown Object (File)
	Jun 26 2023, 11:27 PM

	Unknown Object (File)
	Jun 16 2023, 3:35 AM

	Unknown Object (File)
	Jun 7 2023, 2:02 AM

View All 48 Files

Subscribers

Details

Reviewers

philip
gnn

Commits

rS284580: Merge r284222, r284260

Summary

pf: address family must be set when creating a pf_fragment

Fix a panic when handling fragmented ip4 packets with 'drop-ovl' set.
In that scenario we take a different branch in pf_normalize_ip(), taking us to
pf_fragcache() (rather than pf_reassemble()). In pf_fragcache() we create a
pf_fragment, but do not set the address family. This leads to a panic when we
try to insert that into pf_frag_tree because pf_addr_cmp(), which is used to
compare the pf_fragments doesn't know what to do if the address family is not
set.

Simply ensure that the address family is set correctly (always AF_INET in this
path).

When we try to look up a pf_fragment with pf_find_fragment() we compare (see
pf_frag_compare()) addresses (and family), but also protocol. We failed to
save the protocol to the pf_fragment in pf_fragcache(), resulting in failing
reassembly.

PR: 200330

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

kp updated this revision to Diff 6207.Jun 15 2015, 10:30 AM

kp retitled this revision from to Merge r284222, r284260.

kp updated this object.

kp edited the test plan for this revision. (Show Details)

kp added reviewers: gnn, philip.

kp set the repository for this revision to rS FreeBSD src repository - subversion.

Herald added a subscriber: imp. · View Herald TranscriptJun 15 2015, 10:30 AM

kp added a parent revision: D2823: Merge r278874, r278925, r278868.Jun 15 2015, 10:30 AM

kp added a child revision: D2825: Merge r284280.

gnn accepted this revision.Jun 16 2015, 12:54 PM

gnn edited edge metadata.

This revision is now accepted and ready to land.Jun 16 2015, 12:54 PM

Closed by commit rS284580: Merge r284222, r284260 (authored by kp). · Explain WhyJun 18 2015, 9:23 PM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

stable/

10/

sys/

netpfil/

pf/

2 lines

Diff 6309

stable/10

Loading...

stable/10/sys/netpfil/pf/pf_norm.c

Loading...