d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sctp: improve stopping of timers

Browse Source 
Reported by:	syzbot+c9c70062320aaad19de7@syzkaller.appspotmail.com
MFC after:	3 days
This commit is contained in:
Michael Tuexen 2022-04-19 21:29:41 +02:00
parent b7d4192598
commit 868868f14e
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
sys/netinet/sctputil.c
View File

@ -2869,20 +2869,23 @@ sctp_timer_stop(int t_type, struct sctp_inpcb *inp, struct sctp_tcb *stcb,
* counts that were incremented in sctp_timer_start().
*/
if (tmr->ep != NULL) {
SCTP_INP_DECR_REF(inp);
tmr->ep = NULL;
SCTP_INP_DECR_REF(inp);
}
if (tmr->tcb != NULL) {
atomic_subtract_int(&stcb->asoc.refcnt, 1);
tmr->tcb = NULL;
atomic_subtract_int(&stcb->asoc.refcnt, 1);
}
if (tmr->net != NULL) {
struct sctp_nets *tmr_net;
/*
* Can't use net, since it doesn't work for
* SCTP_TIMER_TYPE_ASCONF.
*/
sctp_free_remote_addr((struct sctp_nets *)tmr->net);
tmr_net = tmr->net;
tmr->net = NULL;
sctp_free_remote_addr((struct sctp_nets *)tmr_net);
}
} else {
SCTPDBG(SCTP_DEBUG_TIMER2,