driver: receive: don't use ParentNetBuffer when passing off NBLs to NDIS

Otherwise WFP attempts to correlate flows and winds up dereferencing garbage in ParentNetBuffer->NetBufferListInfo[WfpNetBufferListInfo]. Reported-by: Sam Sun <sam@samczsun.com> Reported-by: Jauder Ho <jauderho@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
author: Jason A. Donenfeld <Jason@zx2c4.com> 2021-08-03 02:09:30 +0200
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2021-08-03 02:19:00 +0200
commit: 7f0f10ad935d0770ab540d6e4dd543bc8120e5ba (patch)
tree: 96f041a3aadfcf39d125a574267dd52b89e81ed6 /driver/receive.c
parent: api: incorporate new win7 code signing technique (diff)
download: wireguard-nt-7f0f10ad935d0770ab540d6e4dd543bc8120e5ba.tar.xz
wireguard-nt-7f0f10ad935d0770ab540d6e4dd543bc8120e5ba.zip
1 files changed, 0 insertions, 1 deletions
diff --git a/driver/receive.c b/driver/receive.c
index 9fc9cdb..cda511a 100644
--- a/driver/receive.c
+++ b/driver/receive.c
@@ -616,7 +616,6 @@ FreeReceiveNetBufferList(WG_DEVICE *Wg, NET_BUFFER_LIST *First)
         NextNbl = NET_BUFFER_LIST_NEXT_NBL(Nbl);
         NET_BUFFER_LIST_NEXT_NBL(Nbl) = NULL;
         WSK_DATAGRAM_INDICATION *DatagramIndication = NET_BUFFER_LIST_DATAGRAM_INDICATION(Nbl);
-        NET_BUFFER_LIST_DATAGRAM_INDICATION(Nbl) = NULL;
         SOCKET *Socket = (SOCKET *)DatagramIndication->Next;
         DatagramIndication->Next = NULL;
         ((WSK_PROVIDER_DATAGRAM_DISPATCH *)Socket->Sock->Dispatch)->WskRelease(Socket->Sock, DatagramIndication);
author	Jason A. Donenfeld <Jason@zx2c4.com>	2021-08-03 02:09:30 +0200
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2021-08-03 02:19:00 +0200
commit	7f0f10ad935d0770ab540d6e4dd543bc8120e5ba (patch)
tree	96f041a3aadfcf39d125a574267dd52b89e81ed6 /driver/receive.c
parent	api: incorporate new win7 code signing technique (diff)
download	wireguard-nt-7f0f10ad935d0770ab540d6e4dd543bc8120e5ba.tar.xz wireguard-nt-7f0f10ad935d0770ab540d6e4dd543bc8120e5ba.zip