Fix a null pointer dereference introduced in the last commit, plus

remove a useless assignment and move a comment. Submitted by: Thomas Moestl
2001-09-24 05:24:19 +00:00 · 2001-09-24 05:24:19 +00:00 · 078156d09d
commit 078156d09d
parent 090905a55c
1 changed files with 4 additions and 6 deletions
--- a/sys/netinet/ip_fw.c
+++ b/sys/netinet/ip_fw.c
@ -1084,14 +1084,12 @@ ip_fw_chk(struct ip **pip, int hlen,
 	last_pkt.flags = flags;

 	if (*flow_id) {
-		/* Accept if passed first test */
-		if (fw_one_pass)
-			return 0;
 		/*
 		 * Packet has already been tagged. Look for the next rule
 		 * to restart processing.
 		 */
-		chain = LIST_NEXT(*flow_id, next);
+		if (fw_one_pass) /* just accept if fw_one_pass is set */
+			return 0;

 		if ((chain = (*flow_id)->rule->next_rule_ptr) == NULL)
 			chain = (*flow_id)->rule->next_rule_ptr =
@ -1416,8 +1414,8 @@ got_match:
 			return(f->fw_divert_port | IP_FW_PORT_TEE_FLAG);
 #endif
 		case IP_FW_F_SKIPTO: /* XXX check */
-			if ( (chain = f->next_rule_ptr) == NULL )
-			    chain = lookup_next_rule(chain) ;
+			chain = f->next_rule_ptr ? f->next_rule_ptr :
+				lookup_next_rule(chain) ;
 			if (! chain)
 			    goto dropit;
 			goto again ;