From 27bd812c5c92af9e7acdbf100bd98166a717bb76 Mon Sep 17 00:00:00 2001 From: Kristof Provost Date: Thu, 2 Dec 2021 14:32:21 +0100 Subject: [PATCH] pfsync: NULL check sc before using it In pfsync_defer() we must wait to lock sc until we've ensured it's not NULL. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D33240 --- sys/netpfil/pf/if_pfsync.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c index 1aa5e6c0b066..166ac428fd9b 100644 --- a/sys/netpfil/pf/if_pfsync.c +++ b/sys/netpfil/pf/if_pfsync.c @@ -1739,9 +1739,12 @@ pfsync_defer(struct pf_kstate *st, struct mbuf *m) if (m->m_flags & (M_BCAST|M_MCAST)) return (0); + if (sc == NULL) + return (0); + PFSYNC_LOCK(sc); - if (sc == NULL || !(sc->sc_ifp->if_flags & IFF_DRV_RUNNING) || + if (!(sc->sc_ifp->if_flags & IFF_DRV_RUNNING) || !(sc->sc_flags & PFSYNCF_DEFER)) { PFSYNC_UNLOCK(sc); return (0);