53f4b0cf9b
- DIOCADDADDR adds addresses and puts them into V_pf_pabuf - DIOCADDRULE takes all addresses from V_pf_pabuf and links them into rule. The ugly part is that if address is a table, then it is initialized in DIOCADDRULE, because we need ruleset, and DIOCADDADDR doesn't supply ruleset. But if address is a dynaddr, we need address family, and address family could be different for different addresses in one rule, so dynaddr is initialized in DIOCADDADDR. This leads to the entangled state of addresses on V_pf_pabuf. Some are initialized, and some not. That's why running pf_empty_pool(&V_pf_pabuf) can lead to a panic on a NULL table address. Since proper fix requires API/ABI change, for now simply plug the panic in pf_empty_pool(). Reported by: danger |
||
---|---|---|
.. | ||
if_pflog.c | ||
if_pfsync.c | ||
in4_cksum.c | ||
pf_altq.h | ||
pf_if.c | ||
pf_ioctl.c | ||
pf_lb.c | ||
pf_mtag.h | ||
pf_norm.c | ||
pf_osfp.c | ||
pf_ruleset.c | ||
pf_table.c | ||
pf.c | ||
pf.h |