Check that ifma_protospec != NULL in inm_lookup

If ifma_protospec is NULL when inm_lookup() is called, there
is a dereference in a NULL struct pointer. This ensures that struct is
not NULL before comparing the address.

Reported by:	dumbbell
Reviewed by:	sbruno
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D15440
This commit is contained in:
shurd 2018-05-15 16:54:41 +00:00
parent 9d8b5dd26c
commit d32470f6c3

View File

@ -344,12 +344,13 @@ inm_lookup_locked(struct ifnet *ifp, const struct in_addr ina)
inm = NULL;
TAILQ_FOREACH(ifma, &((ifp)->if_multiaddrs), ifma_link) {
if (ifma->ifma_addr->sa_family == AF_INET) {
inm = (struct in_multi *)ifma->ifma_protospec;
if (inm->inm_addr.s_addr == ina.s_addr)
break;
inm = NULL;
}
if (ifma->ifma_addr->sa_family != AF_INET ||
ifma->ifma_protospec == NULL)
continue;
inm = (struct in_multi *)ifma->ifma_protospec;
if (inm->inm_addr.s_addr == ina.s_addr)
break;
inm = NULL;
}
return (inm);
}