src - OpenBSD base system

diff options


context:
space:
mode:

author	Alexander Bluhm <bluhm@cvs.openbsd.org>	2021-11-29 15:40:00 +0000
committer	Alexander Bluhm <bluhm@cvs.openbsd.org>	2021-11-29 15:40:00 +0000
commit	3525936ff6583017c15a010a7cae0020809cab8a (patch)
tree	0814cbb5ce892b144458fcd56e2bcc1c83480828 /sys/net
parent	f2f726fdb610c068aa8707f9d159ae9e6a912b7c (diff)

Using a void pointer for temporary allocated TDB in pfkeyv2 does

not make sense. Do not use the freeme pointer for TDB in pfkeyv2_send(). The pattern is tdb_alloc() and tdb_unref() in case of error. Replace tdb_free() in reserve_spi() with tdb_unref() to keep this consistent. Only tdb_unref() should call tdb_free(). OK mvs@

Diffstat (limited to 'sys/net')

-rw-r--r--

sys/net/pfkeyv2.c

1 files changed, 19 insertions, 31 deletions

diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c
index b47e19e2a79..c0ed3701aac 100644
--- a/sys/net/pfkeyv2.c
+++ b/sys/net/pfkeyv2.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: pfkeyv2.c,v 1.223 2021/11/26 16:16:35 tobhe Exp $ */

+/* $OpenBSD: pfkeyv2.c,v 1.224 2021/11/29 15:39:59 bluhm Exp $ */

* @(#)COPYRIGHT 1.1 (NRL) 17 January 1995

@@ -1324,22 +1324,18 @@ pfkeyv2_send(struct socket *so, void *message, int len)

int alg;

/* Create new TDB */

- freeme_sz = 0;

- freeme = tdb_alloc(rdomain);

- bzero(&ii, sizeof(struct ipsecinit));

- newsa = (struct tdb *) freeme;

+ newsa = tdb_alloc(rdomain);

newsa->tdb_satype = smsg->sadb_msg_satype;

if ((rval = pfkeyv2_get_proto_alg(newsa->tdb_satype,

&newsa->tdb_sproto, &alg))) {

- tdb_unref(freeme);

- freeme = NULL;

+ tdb_unref(newsa);

NET_UNLOCK();

goto ret;

}

/* Initialize SA */

+ bzero(&ii, sizeof(struct ipsecinit));

import_sa(newsa, headers[SADB_EXT_SA], &ii);

import_address(&newsa->tdb_src.sa,

headers[SADB_EXT_ADDRESS_SRC]);

@@ -1369,8 +1365,7 @@ pfkeyv2_send(struct socket *so, void *message, int len)

headers[SADB_X_EXT_DST_MASK],

headers[SADB_X_EXT_PROTOCOL],

headers[SADB_X_EXT_FLOW_TYPE]))) {

- tdb_unref(freeme);

- freeme = NULL;

+ tdb_unref(newsa);

NET_UNLOCK();

goto ret;

}

@@ -1392,8 +1387,7 @@ pfkeyv2_send(struct socket *so, void *message, int len)

rval = tdb_init(newsa, alg, &ii);

if (rval) {

rval = EINVAL;

- tdb_unref(freeme);

- freeme = NULL;

+ tdb_unref(newsa);

NET_UNLOCK();

goto ret;

}

@@ -1402,8 +1396,7 @@ pfkeyv2_send(struct socket *so, void *message, int len)

/* Delete old version of the SA, insert new one */

tdb_delete(sa2);

- puttdb((struct tdb *) freeme);

- freeme = NULL;

+ puttdb(newsa);

} else {

* The SA is already initialized, so we're only allowed to

@@ -1497,26 +1490,24 @@ pfkeyv2_send(struct socket *so, void *message, int len)

goto ret;

}

- /* Allocate and initialize new TDB */

- freeme_sz = 0;

- freeme = tdb_alloc(rdomain);

{

- struct tdb *newsa = (struct tdb *) freeme;

+ struct tdb *newsa;

struct ipsecinit ii;

int alg;

- bzero(&ii, sizeof(struct ipsecinit));

+ /* Create new TDB */

+ newsa = tdb_alloc(rdomain);

newsa->tdb_satype = smsg->sadb_msg_satype;

if ((rval = pfkeyv2_get_proto_alg(newsa->tdb_satype,

&newsa->tdb_sproto, &alg))) {

- tdb_unref(freeme);

- freeme = NULL;

+ tdb_unref(newsa);

NET_UNLOCK();

goto ret;

}

+ /* Initialize SA */

+ bzero(&ii, sizeof(struct ipsecinit));

import_sa(newsa, headers[SADB_EXT_SA], &ii);

import_address(&newsa->tdb_src.sa,

headers[SADB_EXT_ADDRESS_SRC]);

@@ -1549,8 +1540,7 @@ pfkeyv2_send(struct socket *so, void *message, int len)

headers[SADB_X_EXT_DST_MASK],

headers[SADB_X_EXT_PROTOCOL],

headers[SADB_X_EXT_FLOW_TYPE]))) {

- tdb_unref(freeme);

- freeme = NULL;

+ tdb_unref(newsa);

NET_UNLOCK();

goto ret;

}

@@ -1572,18 +1562,16 @@ pfkeyv2_send(struct socket *so, void *message, int len)

rval = tdb_init(newsa, alg, &ii);

if (rval) {

rval = EINVAL;

- tdb_unref(freeme);

- freeme = NULL;

+ tdb_unref(newsa);

NET_UNLOCK();

goto ret;

}

- }

- /* Add TDB in table */

- puttdb((struct tdb *) freeme);

+ /* Add TDB in table */

+ puttdb(newsa);

+ }

NET_UNLOCK();

- freeme = NULL;

break;

case SADB_DELETE: