Note danger of dangling pointers.
This commit is contained in:
parent
cacc05fe11
commit
9044dcac49
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: ipsec.c,v 1.121 2007/07/10 18:25:50 christos Exp $ */
|
||||
/* $NetBSD: ipsec.c,v 1.122 2007/11/16 17:50:07 dyoung Exp $ */
|
||||
/* $KAME: ipsec.c,v 1.136 2002/05/19 00:36:39 itojun Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -35,7 +35,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.121 2007/07/10 18:25:50 christos Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.122 2007/11/16 17:50:07 dyoung Exp $");
|
||||
|
||||
#include "opt_inet.h"
|
||||
#include "opt_ipsec.h"
|
||||
|
@ -2645,6 +2645,9 @@ ipsec4_output(struct ipsec_output_state *state, struct secpolicy *sp, int flags)
|
|||
goto bad;
|
||||
}
|
||||
|
||||
/* XXX state->dst will dangle if the rtentry goes
|
||||
* away! I suggest sockaddr_dup()'ing it. --dyoung
|
||||
*/
|
||||
/* adjust state->dst if tunnel endpoint is offlink */
|
||||
if (state->ro->ro_rt->rt_flags & RTF_GATEWAY) {
|
||||
state->dst = state->ro->ro_rt->rt_gateway;
|
||||
|
@ -3019,8 +3022,7 @@ ipsec6_output_tunnel(struct ipsec_output_state *state, struct secpolicy *sp,
|
|||
} u;
|
||||
|
||||
sockaddr_in6_init(&u.dst6, &ip6->ip6_dst, 0, 0, 0);
|
||||
rtcache_lookup(state->ro, &u.dst);
|
||||
if (state->ro->ro_rt == NULL) {
|
||||
if (rtcache_lookup(state->ro, &u.dst) == NULL) {
|
||||
rtcache_free(state->ro);
|
||||
ip6stat.ip6s_noroute++;
|
||||
ipsec6stat.out_noroute++;
|
||||
|
@ -3028,6 +3030,9 @@ ipsec6_output_tunnel(struct ipsec_output_state *state, struct secpolicy *sp,
|
|||
goto bad;
|
||||
}
|
||||
|
||||
/* XXX state->dst will dangle if the rtentry goes
|
||||
* away! I suggest sockaddr_dup()'ing it. --dyoung
|
||||
*/
|
||||
/* adjust state->dst if tunnel endpoint is offlink */
|
||||
if (state->ro->ro_rt->rt_flags & RTF_GATEWAY) {
|
||||
state->dst = state->ro->ro_rt->rt_gateway;
|
||||
|
|
Loading…
Reference in New Issue