An invalid packet may not have set src and dst in packet descriptor.

author bluhm <bluhm@openbsd.org>

Wed, 20 Jan 2021 23:25:19 +0000 (23:25 +0000)

committer bluhm <bluhm@openbsd.org>

Wed, 20 Jan 2021 23:25:19 +0000 (23:25 +0000)
author bluhm <bluhm@openbsd.org>
Wed, 20 Jan 2021 23:25:19 +0000 (23:25 +0000)
committer bluhm <bluhm@openbsd.org>
Wed, 20 Jan 2021 23:25:19 +0000 (23:25 +0000)
diff --git a/sys/net/if_pflog.c b/sys/net/if_pflog.c

index 7b63991..a5bf67a 100644 (file)
--- a/sys/net/if_pflog.c
+++ b/sys/net/if_pflog.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: if_pflog.c,v 1.96 2021/01/20 13:40:15 bluhm Exp $     */
+/*     $OpenBSD: if_pflog.c,v 1.97 2021/01/20 23:25:19 bluhm Exp $     */
  /*
   * The authors of this code are John Ioannidis (ji@tla.org),
   * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -232,12 +232,14 @@ pflog_packet(struct pf_pdesc *pd, u_int8_t reason, struct pf_rule *rm,
         hdr.dir = pd->dir;
         hdr.af = pd->af;
  
-       if (pd->af != pd->naf ||
-           pf_addr_compare(pd->src, &pd->nsaddr, pd->naf) != 0 ||
-           pf_addr_compare(pd->dst, &pd->ndaddr, pd->naf) != 0 ||
-           pd->osport != pd->nsport ||
-           pd->odport != pd->ndport) {
-               hdr.rewritten = 1;
+       if (pd->src != NULL && pd->dst != NULL) {
+               if (pd->af != pd->naf ||
+                   pf_addr_compare(pd->src, &pd->nsaddr, pd->naf) != 0 ||
+                   pf_addr_compare(pd->dst, &pd->ndaddr, pd->naf) != 0 ||
+                   pd->osport != pd->nsport ||
+                   pd->odport != pd->ndport) {
+                       hdr.rewritten = 1;
+               }
         }
         hdr.naf = pd->naf;
         pf_addrcpy(&hdr.saddr, &pd->nsaddr, pd->naf);
author	bluhm <bluhm@openbsd.org>
	Wed, 20 Jan 2021 23:25:19 +0000 (23:25 +0000)
committer	bluhm <bluhm@openbsd.org>
	Wed, 20 Jan 2021 23:25:19 +0000 (23:25 +0000)