diff options
author | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2006-01-18 22:03:22 +0000 |
---|---|---|
committer | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2006-01-18 22:03:22 +0000 |
commit | 2c23476f87cb8e899f2d8feb5eadf61075350f7e (patch) | |
tree | 047cdfdcf5417c72b3e09f0fb409efc1d1768548 /sys/net/pf_norm.c | |
parent | 7cc1380dd1c3ed5fc6869c91e7c7824f5e1dc944 (diff) |
fix a bug in the fragment cache (used for 'scrub fragment crop/drop-ovl',
but not 'fragment reassemble'), which can cause some fragments to get
inserted into the cache twice, thereby violating an invariant, and panic-
ing the system subsequently. ok deraadt@
Diffstat (limited to 'sys/net/pf_norm.c')
-rw-r--r-- | sys/net/pf_norm.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/net/pf_norm.c b/sys/net/pf_norm.c index 4d1d77578bc..76be7c7217e 100644 --- a/sys/net/pf_norm.c +++ b/sys/net/pf_norm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_norm.c,v 1.103 2005/10/17 08:43:35 henning Exp $ */ +/* $OpenBSD: pf_norm.c,v 1.104 2006/01/18 22:03:21 dhartmei Exp $ */ /* * Copyright 2001 Niels Provos <provos@citi.umich.edu> @@ -704,7 +704,7 @@ pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff, } else { hosed++; } - } else { + } else if (frp == NULL) { /* There is a gap between fragments */ DPFPRINTF(("fragcache[%d]: gap %d %d-%d (%d-%d)\n", h->ip_id, -aftercut, off, max, fra->fr_off, |