diff options
author | bluhm <bluhm@openbsd.org> | 2016-07-19 21:28:43 +0000 |
---|---|---|
committer | bluhm <bluhm@openbsd.org> | 2016-07-19 21:28:43 +0000 |
commit | a6ae9b104fd65f11a8e48e69a1e493e4b727605e (patch) | |
tree | b2a3a6fd1db392f9b24c8b55d54f2d0740968272 /sys/netinet/tcp_output.c | |
parent | strip back openssl ca: in particular remove some excessively wordy sections, (diff) | |
download | wireguard-openbsd-a6ae9b104fd65f11a8e48e69a1e493e4b727605e.tar.xz wireguard-openbsd-a6ae9b104fd65f11a8e48e69a1e493e4b727605e.zip |
Plug an mbuf leak in the error path of tcp signature in tcp_output().
OK claudio@ henning@
Diffstat (limited to 'sys/netinet/tcp_output.c')
-rw-r--r-- | sys/netinet/tcp_output.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/sys/netinet/tcp_output.c b/sys/netinet/tcp_output.c index bf67b1bf383..77e2321ec84 100644 --- a/sys/netinet/tcp_output.c +++ b/sys/netinet/tcp_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_output.c,v 1.117 2016/06/13 21:24:43 bluhm Exp $ */ +/* $OpenBSD: tcp_output.c,v 1.118 2016/07/19 21:28:43 bluhm Exp $ */ /* $NetBSD: tcp_output.c,v 1.16 1997/06/03 16:17:09 kml Exp $ */ /* @@ -931,12 +931,16 @@ send: tdb = gettdbbysrcdst(rtable_l2(tp->t_inpcb->inp_rtableid), 0, &src, &dst, IPPROTO_TCP); - if (tdb == NULL) + if (tdb == NULL) { + m_freem(m); return (EPERM); + } if (tcp_signature(tdb, tp->pf, m, th, iphlen, 0, - mtod(m, caddr_t) + hdrlen - optlen + sigoff) < 0) + mtod(m, caddr_t) + hdrlen - optlen + sigoff) < 0) { + m_freem(m); return (EINVAL); + } } #endif /* TCP_SIGNATURE */ |