From bf29ce86459b6b1c3fbf9b048eebcb7bea4207dc Mon Sep 17 00:00:00 2001 From: Alexandr Nedvedicky Date: Wed, 15 Feb 2023 18:11:48 +0000 Subject: pfsync(4) panics on NULL pointer dereference if there are no data ready for bulk transfer. reported and fix kindly tested by hrvoje@ OK bluhm@ --- sys/net/if_pfsync.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'sys') diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index e2c86971336..600d474ae3b 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.312 2023/01/04 10:31:55 dlg Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.313 2023/02/15 18:11:47 sashan Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -2464,6 +2464,11 @@ pfsync_bulk_update(void *arg) st = sc->sc_bulk_next; sc->sc_bulk_next = NULL; + if (st == NULL) { + rw_exit_read(&pf_state_list.pfs_rwl); + goto out; + } + for (;;) { if (st->sync_state == PFSYNC_S_NONE && st->timeout < PFTM_MAX && -- cgit v1.2.3