Page MenuHomeFreeBSD
Differential D51627

pf: return errors from pf_route() and pf_route6()
ClosedPublic
Actions

Authored by kp on Jul 29 2025, 7:38 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Oct 11, 7:08 AM
Unknown Object (File)
Sat, Oct 11, 7:08 AM
Unknown Object (File)
Sat, Oct 11, 7:08 AM
Unknown Object (File)
Fri, Oct 10, 11:50 PM
Unknown Object (File)
Sat, Oct 4, 9:27 AM
Unknown Object (File)
Fri, Sep 26, 7:37 PM
Unknown Object (File)
Tue, Sep 23, 8:08 PM
Unknown Object (File)
Sep 21 2025, 7:54 PM
View All 29 Files
Subscribers
farrokhi
glebius
imp
melifaro
vegeta_tuxpowered.net

Details

Reviewers
None
Group Reviewers
network
pfsense
Commits
rG349360b17eab: pf: return errors from pf_route() and pf_route6()
Summary

If we fail to route the packet in pf_route()/pf_route6() (e.g. because it
hit the TTL limit) we free the mbuf. If that packet is an SCTP packet that
establishes extra (i.e. multihome) states we have a queued job to handle that.
These jobs reference the now freed mbuf.

Pass the error from pf_route()/pf_route6() on, so that
pf_sctp_multihome_delayed() doesn't attempt to use the invalid mbuf pointer (or
establishes states for a packet we're not passing).

PR: 288274
Reported by: Robert Morris <rtm@lcs.mit.edu>
Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kp created this revision.Jul 29 2025, 7:38 PM
Herald added subscribers: vegeta_tuxpowered.net, glebius, melifaro and 2 others. · View Herald TranscriptJul 29 2025, 7:38 PM
kp requested review of this revision.Jul 29 2025, 7:38 PM
Harbormaster completed remote builds in B65840: Diff 159424.Jul 29 2025, 7:38 PM
This revision was not accepted when it landed; it landed in state Needs Review.Aug 4 2025, 8:12 AM
Closed by commit rG349360b17eab: pf: return errors from pf_route() and pf_route6() (authored by kp). · Explain Why
This revision was automatically updated to reflect the committed changes.
kp added a commit: rG349360b17eab: pf: return errors from pf_route() and pf_route6().

Revision Contents
Changeset List

PathSize
sys/
netpfil/
pf/
66 lines
tests/
sys/
netpfil/
pf/
28 lines

Diff 159703

View Options

sys/netpfil/pf/pf.c

Loading...
View Options

tests/sys/netpfil/pf/nat64.py

Loading...