pf: Fix panic on overlapping interface names

In rare situations[*] it's possible for two different interfaces to have the same name. This confuses pf, because kifs are indexed by name (which is assumed to be unique). As a result we can end up trying to if_rele(NULL), which panics. Explicitly checking the ifp pointer before if_rele() prevents the panic. Note pf will likely behave in unexpected ways on the the overlapping interfaces. [*] Insert an interface in a vnet jail. Rename it to an interface which exists on the host. Remove the jail. There are now two interfaces with the same name in the host.
2018-12-01 09:58:21 +00:00 · 2018-12-01 09:58:21 +00:00 · 0200a72c29
commit 0200a72c29
parent 80691af7cb
1 changed files with 2 additions and 1 deletions
--- a/sys/netpfil/pf/pf_if.c
+++ b/sys/netpfil/pf/pf_if.c
@ -853,7 +853,8 @@ pfi_detach_ifnet_event(void *arg __unused, struct ifnet *ifp)
 	V_pfi_update++;
 	pfi_kif_update(kif);

-	if_rele(kif->pfik_ifp);
+	if (kif->pfik_ifp)
+		if_rele(kif->pfik_ifp);

 	kif->pfik_ifp = NULL;
 	ifp->if_pf_kif = NULL;