diff options
| author |   bluhm <bluhm@openbsd.org> | 2021-01-20 23:25:19 +0000 |
|---|---|---|
| committer | bluhm <bluhm@openbsd.org> | 2021-01-20 23:25:19 +0000 |
| commit | c34fe1b3cf88eb8acf1a10a07d780dbf157bdf0b (patch) | |
| tree | 5beaec3fd7d44476ab64c942f7c968e6164883a8 | |
| parent | Missing return value; ok jmc@ (diff) | |
| download | wireguard-openbsd-c34fe1b3cf88eb8acf1a10a07d780dbf157bdf0b.tar.xz wireguard-openbsd-c34fe1b3cf88eb8acf1a10a07d780dbf157bdf0b.zip | |
An invalid packet may not have set src and dst in packet descriptor.
Add a NULL check to prevent crash in pflog(4) introduced in previous
commit.
Reported-by: syzbot+c6d2f2ad34b822bce98a@syzkaller.appspotmail.com
| -rw-r--r-- | sys/net/if_pflog.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/sys/net/if_pflog.c b/sys/net/if_pflog.c index 7b63991676e..a5bf67ac002 100644 --- a/sys/net/if_pflog.c +++ b/sys/net/if_pflog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pflog.c,v 1.96 2021/01/20 13:40:15 bluhm Exp $ */ +/* $OpenBSD: if_pflog.c,v 1.97 2021/01/20 23:25:19 bluhm Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -232,12 +232,14 @@ pflog_packet(struct pf_pdesc *pd, u_int8_t reason, struct pf_rule *rm, hdr.dir = pd->dir; hdr.af = pd->af; - if (pd->af != pd->naf || - pf_addr_compare(pd->src, &pd->nsaddr, pd->naf) != 0 || - pf_addr_compare(pd->dst, &pd->ndaddr, pd->naf) != 0 || - pd->osport != pd->nsport || - pd->odport != pd->ndport) { - hdr.rewritten = 1; + if (pd->src != NULL && pd->dst != NULL) { + if (pd->af != pd->naf || + pf_addr_compare(pd->src, &pd->nsaddr, pd->naf) != 0 || + pf_addr_compare(pd->dst, &pd->ndaddr, pd->naf) != 0 || + pd->osport != pd->nsport || + pd->odport != pd->ndport) { + hdr.rewritten = 1; + } } hdr.naf = pd->naf; pf_addrcpy(&hdr.saddr, &pd->nsaddr, pd->naf); |