d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix the NULL pointer dereference for unresolved link layer entries in

Browse Source 
the netinet6 code. Copy link layer address only when corresponding entry
has LLE_VALID flag.

PR:		210379
Approved by:	re (kib)
This commit is contained in:
Andrey V. Elsukov 2016-06-22 11:29:21 +00:00
parent 7bdc064b0b
commit a844d49cc6
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sys/netinet6/in6.c
View File

@ -2322,10 +2322,16 @@ in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
sdl = &ndpc.sdl;
sdl->sdl_family = AF_LINK;
sdl->sdl_len = sizeof(*sdl);
sdl->sdl_alen = ifp->if_addrlen;
sdl->sdl_index = ifp->if_index;
sdl->sdl_type = ifp->if_type;
bcopy(lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
sdl->sdl_alen = ifp->if_addrlen;
bcopy(lle->ll_addr, LLADDR(sdl),
ifp->if_addrlen);
} else {
sdl->sdl_alen = 0;
bzero(LLADDR(sdl), ifp->if_addrlen);
}
if (lle->la_expire != 0)
ndpc.rtm.rtm_rmx.rmx_expire = lle->la_expire +
lle->lle_remtime / hz +