diff options
author | Henning Brauer <henning@cvs.openbsd.org> | 2008-07-04 00:56:49 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2008-07-04 00:56:49 +0000 |
commit | 4a3279308d365a0c004fecee6d7375c53e8b66ba (patch) | |
tree | dca7bc929a29855dd4a1398a446a086cef588022 /usr.bin/sup | |
parent | d791140be61340861c02aa72527aa7f0175be23c (diff) |
in pf_state_key_attach(), when we find that there already is a state key
that we can attach the state to, make sure to not overwrite the state key
pointer in the state that was just set to the existing state key with the
state key that was supplied with the state and just free'd (well, pool_put'd).
by the time we clean up the state and try to follow it to RB_REMOVE etc
we'd follow that garbage pointer to either an unrelated state key or the old
state key still sitting unused in the pool.
should fix the RB_REMOVE panics some people have been seeing.
"clearly ok, please commit" ryan
Diffstat (limited to 'usr.bin/sup')
0 files changed, 0 insertions, 0 deletions