-/* $OpenBSD: ip_icmp.c,v 1.151 2015/12/09 09:27:40 mpi Exp $ */
+/* $OpenBSD: ip_icmp.c,v 1.152 2016/08/22 15:37:23 mpi Exp $ */
/* $NetBSD: ip_icmp.c,v 1.19 1996/02/13 23:42:22 christos Exp $ */
/*
struct ip *ip = mtod(m, struct ip *);
struct mbuf *opts = NULL;
struct sockaddr_in sin;
- struct rtentry *rt;
+ struct rtentry *rt = NULL;
int optlen = (ip->ip_hl << 2) - sizeof(struct ip);
u_int rtableid;
if (rtisvalid(rt) &&
ISSET(rt->rt_flags, RTF_LOCAL|RTF_BROADCAST))
ia = ifatoia(rt->rt_ifa);
- rtfree(rt);
}
/*
* drop the packet as there is no path to the host.
*/
if (ia == NULL) {
+ rtfree(rt);
+
memset(&sin, 0, sizeof(sin));
sin.sin_len = sizeof(sin);
sin.sin_family = AF_INET;
}
ia = ifatoia(rt->rt_ifa);
- rtfree(rt);
}
ip->ip_dst = ip->ip_src;
- ip->ip_src = ia->ia_addr.sin_addr;
ip->ip_ttl = MAXTTL;
+ /* It is safe to dereference ``ia'' iff ``rt'' is valid. */
+ ip->ip_src = ia->ia_addr.sin_addr;
+ rtfree(rt);
+
if (optlen > 0) {
u_char *cp;
int opt, cnt;
-/* $OpenBSD: mpls_input.c,v 1.56 2016/07/11 09:23:06 mpi Exp $ */
+/* $OpenBSD: mpls_input.c,v 1.57 2016/08/22 15:37:23 mpi Exp $ */
/*
* Copyright (c) 2008 Claudio Jeker <claudio@openbsd.org>
m_freem(m);
return (NULL);
}
- rtfree(rt);
+ /* It is safe to dereference ``ia'' iff ``rt'' is valid. */
error = icmp_reflect(m, NULL, ia);
+ rtfree(rt);
if (error)
return (NULL);
projects / openbsd / commitdiff