netinet/ip - Avoid a NULL pointer dereference.
authorAntonio Huete Jimenez <tuxillo@quantumachine.net>
Thu, 10 Apr 2014 13:17:04 +0000 (15:17 +0200)
committerAntonio Huete Jimenez <tuxillo@quantumachine.net>
Thu, 10 Apr 2014 13:17:50 +0000 (15:17 +0200)
- Before checking for packets on broadcast addresses, see if there
  is actually a ifnet associated with the mbuf being handled.

FreeBSD-SVN: 130685
DragonFly-bug: <http://bugs.dragonflybsd.org/issues/2660>
Reported-and-Found-by: Vasily Postnicov
This commit closes #2660

sys/netinet/ip_input.c

index b3bf6ee..3387c43 100644 (file)
@@ -681,7 +681,8 @@ pass:
         * be handled via ip_forward() and ether_output() with the loopback
         * into the stack for SIMPLEX interfaces handled by ether_output().
         */
-       if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
+       if (m->m_pkthdr.rcvif != NULL &&
+           m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
                struct ifaddr_container *ifac;
 
                TAILQ_FOREACH(ifac, &m->m_pkthdr.rcvif->if_addrheads[mycpuid],