Initialize mbuf pointer at getting ipsec policy.

Without this, kernel will panic at getsockopt() of IPSEC_POLICY. Also make compilable libipsec/test-policy.c which tries getsockopt() of IPSEC_POLICY. Approved by: jkh Submitted by: sakane@kame.net
svn path=/head/; revision=57855
2000-03-09 14:57:16 +00:00 · 2000-03-09 14:57:16 +00:00 · f63e7634ac · 2020-12-20 02:59:44 +00:00
commit f63e7634ac
parent 283073b4e6
3 changed files with 11 additions and 12 deletions
--- a/lib/libipsec/test-policy.c
+++ b/lib/libipsec/test-policy.c
@ -35,7 +35,7 @@

 #include <netinet/in.h>
 #include <netinet6/in6.h>
-#include <netkey/keyv2.h>
+#include <net/pfkeyv2.h>
 #include <netkey/key_debug.h>
 #include <netinet6/ipsec.h>

--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@ -1227,7 +1227,7 @@ ip_ctloutput(so, sopt)
 #ifdef IPSEC
 		case IP_IPSEC_POLICY:
 		{
-			struct mbuf *m;
+			struct mbuf *m = NULL;
 			caddr_t req = NULL;

 			if (m != 0)
@ -1235,7 +1235,8 @@ ip_ctloutput(so, sopt)
 			error = ipsec4_get_policy(sotoinpcb(so), req, &m);
 			if (error == 0)
 				error = soopt_mcopyout(sopt, m); /* XXX */
-			m_freem(m);
+			if (error == 0)
+				m_freem(m);
 			break;
 		}
 #endif /*IPSEC*/
--- a/sys/netinet6/ip6_output.c
+++ b/sys/netinet6/ip6_output.c
@ -1509,19 +1509,17 @@ ip6_ctloutput(so, sopt)
 #ifdef IPSEC
 			case IPV6_IPSEC_POLICY:
 			  {
-				caddr_t req = NULL;
-				int len = 0;
-				struct mbuf *m;
-				struct mbuf **mp = &m;

-				if (m != 0) {
+				struct mbuf *m = NULL;
+				caddr_t req = NULL;
+
+				if (m != 0)
 					req = mtod(m, caddr_t);
-					len = m->m_len;
-				}
-				error = ipsec6_get_policy(in6p, req, mp);
+				error = ipsec6_get_policy(in6p, req, &m);
 				if (error == 0)
 					error = soopt_mcopyout(sopt, m); /*XXX*/
-				m_freem(m);
+				if (error == 0)
+					m_freem(m);
 				break;
 			  }
 #endif /* IPSEC */