Only set the ipfilter running state to 'not running' if we are

doing the teardown. ipf_destroy_all() may free ipfmain in case of ipf_dynamic_softc being true, thus we are avoiding a possible memory modified after free as well. Reported by: Coverity Coverity CID: 1357320 Approved by: re (hrs) MFC after: 10 days
2016-07-06 10:29:29 +00:00 · 2016-07-06 10:29:29 +00:00 · c2222ab4a7
commit c2222ab4a7
parent eef0d63731
1 changed files with 3 additions and 2 deletions
--- a/sys/contrib/ipfilter/netinet/mlfk_ipl.c
+++ b/sys/contrib/ipfilter/netinet/mlfk_ipl.c
@ -291,13 +291,14 @@ vnet_ipf_uninit(void)
 		return;

 	if (V_ipfmain.ipf_running >= 0) {
+
 		if (ipfdetach(&V_ipfmain) != 0)
 			return;

+		V_ipfmain.ipf_running = -2;
+
 		ipf_destroy_all(&V_ipfmain);
 	}
-
-	V_ipfmain.ipf_running = -2;
 }
 VNET_SYSUNINIT(vnet_ipf_uninit, SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD,
    vnet_ipf_uninit, NULL);