Make sure that either inp is NULL or we have obtained a lock on it before

jumping to dropunlock to avoid a panic. While here move the calls to ipsec4_in_reject() and ipsec6_in_reject() so they are after we obtain the lock on inp. Original patch to avoid panic: pjd Review of locking adjustments: gnn, sam Approved by: re (rwatson)
2007-09-10 14:49:32 +00:00 · 2007-09-10 14:49:32 +00:00 · 671d1148ba
commit 671d1148ba
parent 200ce01ddb
1 changed files with 13 additions and 13 deletions
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@ -448,19 +448,6 @@ tcp_input(struct mbuf *m, int off0)
 						m->m_pkthdr.rcvif);
 	}

-#ifdef IPSEC
-#ifdef INET6
-	if (isipv6 && inp != NULL && ipsec6_in_reject(m, inp)) {
-		ipsec6stat.in_polvio++;
-		goto dropunlock;
-	} else
-#endif /* INET6 */
-	if (inp != NULL && ipsec4_in_reject(m, inp)) {
-		ipsec4stat.in_polvio++;
-		goto dropunlock;
-	}
-#endif /* IPSEC */
-
 	/*
 	 * If the INPCB does not exist then all data in the incoming
 	 * segment is discarded and an appropriate RST is sent back.
@ -489,6 +476,19 @@ tcp_input(struct mbuf *m, int off0)
 	}
 	INP_LOCK(inp);

+#ifdef IPSEC
+#ifdef INET6
+	if (isipv6 && ipsec6_in_reject(m, inp)) {
+		ipsec6stat.in_polvio++;
+		goto dropunlock;
+	} else
+#endif /* INET6 */
+	if (ipsec4_in_reject(m, inp) != 0) {
+		ipsec4stat.in_polvio++;
+		goto dropunlock;
+	}
+#endif /* IPSEC */
+
 	/*
 	 * Check the minimum TTL for socket.
 	 */