diff options
| author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2022-02-07 15:23:44 +0000 |
|---|---|---|
| committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2022-02-07 15:23:44 +0000 |
| commit | e3869c635618b6b8331ec10cb1c3d77a07aeaf91 (patch) | |
| tree | 7cfa3ccc34da38105c09c1f888336ca3d33bf95e /sys/netinet6 | |
| parent | b0066b1c78b4e77036329b93d55e8963e3826e30 (diff) | |
Checking ifaddr pointer for NULL without checking in6_ifaddr works
as ifaddr ia_ifa is the first field of in6_ifaddr. So the pointers
are the same, and one NULL check works for both. But in ISO C NULL
has some kind of type and this is undefined behavior. So add a
second NULL check that the compiler can optimize away. The resulting
assembler is the same.
found by kubsan; OK tobhe@
Diffstat (limited to 'sys/netinet6')
| -rw-r--r-- | sys/netinet6/nd6.c | 8 | ||||
| -rw-r--r-- | sys/netinet6/nd6_nbr.c | 6 |
2 files changed, 9 insertions, 5 deletions
diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c index 70acc36fcc0..3cfa93dd685 100644 --- a/sys/netinet6/nd6.c +++ b/sys/netinet6/nd6.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nd6.c,v 1.236 2021/11/07 19:38:25 sthen Exp $ */ +/* $OpenBSD: nd6.c,v 1.237 2022/02/07 15:23:43 bluhm Exp $ */ /* $KAME: nd6.c,v 1.280 2002/06/08 19:52:07 itojun Exp $ */ /* @@ -792,6 +792,7 @@ nd6_rtrequest(struct ifnet *ifp, int req, struct rtentry *rt) struct sockaddr *gate = rt->rt_gateway; struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo; struct ifaddr *ifa; + struct in6_ifaddr *ifa6; if (ISSET(rt->rt_flags, RTF_GATEWAY|RTF_MULTICAST|RTF_MPLS)) return; @@ -944,8 +945,9 @@ nd6_rtrequest(struct ifnet *ifp, int req, struct rtentry *rt) * check if rt_key(rt) is one of my address assigned * to the interface. */ - ifa = &in6ifa_ifpwithaddr(ifp, - &satosin6(rt_key(rt))->sin6_addr)->ia_ifa; + ifa6 = in6ifa_ifpwithaddr(ifp, + &satosin6(rt_key(rt))->sin6_addr); + ifa = ifa6 ? &ifa6->ia_ifa : NULL; if (ifa) { ln->ln_state = ND6_LLINFO_REACHABLE; ln->ln_byhint = 0; diff --git a/sys/netinet6/nd6_nbr.c b/sys/netinet6/nd6_nbr.c index 8d6bf3841b8..5061a325f55 100644 --- a/sys/netinet6/nd6_nbr.c +++ b/sys/netinet6/nd6_nbr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nd6_nbr.c,v 1.130 2021/12/13 14:30:16 bluhm Exp $ */ +/* $OpenBSD: nd6_nbr.c,v 1.131 2022/02/07 15:23:43 bluhm Exp $ */ /* $KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $ */ /* @@ -568,6 +568,7 @@ nd6_na_input(struct mbuf *m, int off, int icmp6len) char *lladdr = NULL; int lladdrlen = 0; struct ifaddr *ifa; + struct in6_ifaddr *ifa6; struct llinfo_nd6 *ln; struct rtentry *rt = NULL; struct sockaddr_dl *sdl; @@ -637,7 +638,8 @@ nd6_na_input(struct mbuf *m, int off, int icmp6len) lladdrlen = ndopts.nd_opts_tgt_lladdr->nd_opt_len << 3; } - ifa = &in6ifa_ifpwithaddr(ifp, &taddr6)->ia_ifa; + ifa6 = in6ifa_ifpwithaddr(ifp, &taddr6); + ifa = ifa6 ? &ifa6->ia_ifa : NULL; /* * Target address matches one of my interface address. |