Add NULL check before dereferencing inp_seclevel.

In some cases inp may be NULL, so check that before passing
inp->inp_seclevel to ipsp_spd_lookup() or ip_output().

Missed in previous commit.

diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 0b36dec..2a4aec3 100644 (file)
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: tcp_input.c,v 1.393 2023/11/26 22:08:10 bluhm Exp $   */
+/*     $OpenBSD: tcp_input.c,v 1.394 2023/11/27 20:37:15 bluhm Exp $   */
 /*     $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $  */
 
 /*
@@ -586,7 +586,7 @@ findpcb:
                            &tdbi->dst, tdbi->proto);
                }
                error = ipsp_spd_lookup(m, af, iphlen, IPSP_DIRECTION_IN,
-                   tdb, inp->inp_seclevel, NULL, NULL);
+                   tdb, inp ? inp->inp_seclevel : NULL, NULL, NULL);
                tdb_unref(tdb);
                if (error) {
                        tcpstat_inc(tcps_rcvnosec);
@@ -4162,7 +4162,8 @@ syn_cache_respond(struct syn_cache *sc, struct mbuf *m, uint64_t now)
                        ip->ip_tos = inp->inp_ip.ip_tos;
 
                error = ip_output(m, sc->sc_ipopts, &sc->sc_route4,
-                   (ip_mtudisc ? IP_MTUDISC : 0),  NULL, inp->inp_seclevel, 0);
+                   (ip_mtudisc ? IP_MTUDISC : 0),  NULL,
+                   inp ? inp->inp_seclevel : NULL, 0);
                break;
 #ifdef INET6
        case AF_INET6:

diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c
index c9b4c51..0ab353d 100644 (file)
--- a/sys/netinet/udp_usrreq.c
+++ b/sys/netinet/udp_usrreq.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: udp_usrreq.c,v 1.307 2023/11/26 22:08:10 bluhm Exp $  */
+/*     $OpenBSD: udp_usrreq.c,v 1.308 2023/11/27 20:37:15 bluhm Exp $  */
 /*     $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */
 
 /*
@@ -543,7 +543,7 @@ udp_input(struct mbuf **mp, int *offp, int proto, int af)
                } else
                        tdb = NULL;
                error = ipsp_spd_lookup(m, af, iphlen, IPSP_DIRECTION_IN,
-                   tdb, inp->inp_seclevel, NULL, NULL);
+                   tdb, inp ? inp->inp_seclevel : NULL, NULL, NULL);
                if (error) {
                        udpstat_inc(udps_nosec);
                        tdb_unref(tdb);