kochi
62f4a841c7
Fix return without free (resource leakage).
...
Detected by Coverity (CID 2309).
2006-04-13 08:43:17 +00:00
kochi
656c03f555
This is better fix than the previous commit for
...
saner cleanup path.
2006-04-13 07:31:29 +00:00
kochi
691e781111
Fix usage after free of NextWalkState.
...
Closes Coverity CID 2672 and this is reported to intel people.
2006-04-13 07:21:20 +00:00
cube
7db196715b
Protect config(1)-generated include files inclusion with
...
#ifdef _KERNEL_OPT. ACPI-CA might be used by standalone code in the
future. Suggested by cherry@.
2006-04-07 13:49:20 +00:00
martti
7967220333
Removed BROKEN_TCP_WINDOW_CHECK hack.
2006-04-04 16:19:05 +00:00
martti
9ea58d54bc
Upgraded IPFilter to 4.1.13
2006-04-04 16:17:18 +00:00
kochi
ec7315b11c
Moved from sys/dev/acpi/acpica/Subsystem.
...
suggested by cube.
2006-03-23 13:36:31 +00:00
christos
5a57baa413
don't use MALLOC with a non-constant size; use malloc instead.
2006-03-17 23:29:07 +00:00
lukem
a1f606d3fd
Use the SI capitalization for "Hz", "kHz", and "MHz" in comments and strings.
...
Add a space between numbers and Hz unit.
2006-03-08 23:46:22 +00:00
peter
8f83cde4e3
Fix TCP/UDP checksum handling as pointed out by Daniel Hartmeier in:
...
http://mail-index.netbsd.org/tech-net/2006/01/21/0000.html .
Problem reported and patch tested by der Mouse & Nino Dehne (PR/32874).
2006-02-19 12:15:33 +00:00
rpaulo
99513cfd59
In pf_socket_lookup() fix copy & paste problem when in6_pcblookup_bind()
...
returns NULL.
2006-02-07 22:53:03 +00:00
peter
10f6d07582
apply a fix from OpenBSD:
...
> revision 1.104
> date: 2006/01/18 22:03:21; author: dhartmei; state: Exp; lines: +2 -2
> fix a bug in the fragment cache (used for 'scrub fragment crop/drop-ovl',
> but not 'fragment reassemble'), which can cause some fragments to get
> inserted into the cache twice, thereby violating an invariant, and panic-
> ing the system subsequently. ok deraadt@
2006-01-25 10:45:20 +00:00
peter
5d1968b1c0
Include netinet/in.h, for compatibility with OpenBSD (we #ifdef'ed out a
...
header which includes netinet/in.h on OpenBSD).
Pointed out by Thomas E. Spanjaard.
No objection from yamt@.
2006-01-17 12:24:53 +00:00
christos
97dec287fc
make the kernel link without options INET.
...
XXX: this is of dubious use.
2005-12-28 09:29:48 +00:00
christos
08e11b2039
make this compile with no INET options.
2005-12-28 09:05:54 +00:00
christos
95e1ffb156
merge ktrace-lwp.
2005-12-11 12:16:03 +00:00
christos
a751ffb4fe
Adjust for icmp_error signature.
2005-10-23 19:40:20 +00:00
yamt
3a2482b78f
fr_check_wrapper6: handle M_CSUM_TCPv6|M_CSUM_UDPv6.
2005-08-11 13:01:38 +00:00
yamt
bbfb2033ff
pfil6_wrapper: handle M_CSUM_TCPv6|M_CSUM_UDPv6.
2005-08-11 13:01:24 +00:00
yamt
d6d72a6dc9
wrap INET only code by #if defined(INET). (in __NetBSD__ part)
2005-08-06 11:22:39 +00:00
peter
84fa01a154
pf_test() can set *mp to NULL, check for this before de-referencing it.
...
From Akihiro Sagawa in PR/30835.
2005-07-26 13:09:23 +00:00
christos
b132d4d5fd
Fix typo
2005-07-10 09:22:56 +00:00
christos
4a35068121
Small correction to skd's patch from darren.
2005-07-10 05:49:38 +00:00
christos
20dd96aff1
Don't drop fragments that are smalled than the ip header size. From skd
2005-07-09 14:51:11 +00:00
peter
9710741485
Resolve conflicts (pf from OpenBSD 3.7, kernel part).
2005-07-01 12:37:34 +00:00
lukem
fd8956d5fa
Use an "XXXGCC -Wuninitalized" style that is consistent with that used
...
elsewhere in the tree.
2005-06-15 01:48:20 +00:00
jmc
6724401235
Cleanup XXGCC in a few places to make it easier to see.
2005-06-14 21:20:30 +00:00
jmc
c3073778d2
Fix unitialized warnings that only crop up on m68k. XXGCC taggedd
2005-06-13 20:33:53 +00:00
darrenr
4e1ba8b46a
bin/29508 - fix "ipf -T" - kernel wasn't setting ipft_cookie and userland
...
was expecting it to be set, thus ignored it.
bin/29509 - because ipft_cookie wasn't reset to 0 before making the ioctl
call for each variable, only the first name to find was used, each successive
call just used the cookie.
CVn: ----------------------------------------------------------------------
2005-06-11 12:31:40 +00:00
darrenr
e5f523e30c
Using USE_SPL should be done after the last place it is defined.
2005-06-11 12:12:59 +00:00
darrenr
486aaa2c70
kern/30082 - fr_check() is missing SPL_NET() macros for non-mutex using
...
platforms, allowing it to be preempted and restarted in an inconsistent
state.
2005-06-11 11:25:28 +00:00
yamt
656adb750b
pf_reassemble: clear stale csum_flags.
2005-06-08 11:50:46 +00:00
christos
f9aeac0ab7
- sprinkle const
...
- avoid variable shadowing.
2005-05-29 21:57:49 +00:00
christos
966656bbac
more fallout from so_uid -> so_uidinfo.
2005-05-07 19:59:56 +00:00
martti
58b8abcbf8
Upgraded IPFilter to 4.1.8
2005-04-03 15:05:30 +00:00
martti
c775aec128
Import IPFilter 4.1.8
2005-04-03 15:01:04 +00:00
christos
3136f75efa
defopt IPFILTER_DEFAULT_BLOCK
2005-03-26 18:08:42 +00:00
peter
851064ccf9
Fix a GCC warning when compiling on evbppc.
...
From FUKAUMI Naoki in PR #29669 .
2005-03-15 18:08:59 +00:00
hannken
4e0e09fd14
frpr_udpcommon() failed to handle fragmented packets. Packets with less than
...
8 bytes of data were dropped.
- If the packet is a fragment, return. There is no UDP header in this case.
- Don't set the FI_SHORT flag. Already tested in `frpr_short()'.
- Remove unneeded test `!fin->fin_off'.
Approved by: Christos Zoulas <christos@netbsd.org>
2005-03-07 13:59:30 +00:00
christos
2a8316cc91
Add a change lost in the transition from 4.1.3->4.1.6. Don't block packets
...
for which we cannot add state. Explanation in the code. Fixes PR/29560.
2005-03-01 13:41:43 +00:00
itojun
57eaa97695
with IPv6 intermediate host will not perform PMTUD. ip6_getpmtu() is for
...
end node cases, so do not use it.
2005-02-28 09:26:36 +00:00
martin
65c3e91025
When we call m_makewritable() the mbuf might be copied - so don't use
...
stale mtod()'d pointers from before.
2005-02-21 22:01:52 +00:00
martti
460bbcc960
Upgraded IPFilter to 4.1.6
2005-02-19 21:30:24 +00:00
martti
76b5d9e30f
Import IPFilter 4.1.6
2005-02-19 21:26:02 +00:00
christos
a05a0bbcb8
Deal with possibly uninitialized variable, and tidy up a bit.
2005-02-17 04:14:31 +00:00
christos
9606238d80
There were more broken things aside from the __'s missing.
2005-02-17 03:12:36 +00:00
christos
0a15d30196
Don't forget the trailing __'s in NetBSD Version. Should fix PR/29407.
2005-02-17 02:26:51 +00:00
peter
41ea7e91a7
Merge in a fix from OPENBSD_3_6.
...
ok yamt@
> MFC:
> Fix by dhartmei@
>
> replace finer-grained spl locking in pfioctl() with a single broad lock
> around the entire body. this resolves the (misleading) panics in
> pf_tag_packet() during heavy ioctl operations (like when using authpf)
> that occur because softclock can interrupt ioctl on i386 since SMP.
> patch from camield@.
2005-02-14 21:28:33 +00:00
peter
1b4e743b06
Merge in a fix from OPENBSD_3_6.
...
ok yamt@
> MFC:
> Fix by dhartmei@
>
> ICMP state entries use the ICMP ID as port for the unique state key. When
> checking for a usable key, construct the key in the same way. Otherwise,
> a colliding key might be missed or a state insertion might be refused even
> though it could be inserted. The second case triggers the endless loop
> fixed by 1.474, possibly allowing a NATed LAN client to lock up the kernel.
> Report and test data by Srebrenko Sehic.
2005-02-14 21:27:26 +00:00
christos
1b198d8f16
size_t should be cast'ed to unsigned long.
2005-02-09 23:42:30 +00:00