created | 2021-06-27T10:20:42Z |
---|---|
begin | 2021-06-23T04:16:32Z |
end | 2021-06-23T05:43:53Z |
path | src/sys |
commits | 1 |
date | 2021-06-23T05:43:53Z | |||
---|---|---|---|---|
author | dlg | |||
files | src/sys/net/if_pfsync.c |
message |
pfsync_undefer_notify needs to be careful before dereferencing state keys. pfsync_undefer_notify uses the state keys to look up the address family, which is used to figure out if it should call ipv4 or ipv6 functions. however, the pf state purge code can unlink a state from the trees (ie, the state keys get removed) while the pfsync defer code is holding a reference to it and expects to be able to send the deferred packet in the future. we can test if the state keys are set by checking if the timeout state is PFTM_UNLINK or not. this currently relies on both pf_remove_state and pfsync_undefer_notify being called with the NET_LOCK held. this probably needs to be rethought later but is good enough for now. found the hard way on a production firewall at work. |
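
A simplified user-space model of the check the commit message describes, added here as an example; it is not the code from if_pfsync.c. Every `model_`/`MODEL_` name, the result enum and `run_scenario` are constructed stand-ins, and only `PFTM_UNLINK` is taken from the message.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins for illustration; not the kernel's definitions. */
enum { MODEL_AF_INET = 1, MODEL_AF_INET6 = 2 };
enum model_timeout { MODEL_TM_ACTIVE, PFTM_UNLINK };
enum notify_result { SENT_V4, SENT_V6, SKIPPED_UNLINKED, UNKNOWN_AF };

struct model_state_key { int af; };
struct model_state {
    struct model_state_key *key;  /* NULL once the state has left the trees */
    enum model_timeout timeout;
};

/* Purge path: unlink the state. A deferral may still hold a reference to st. */
static void model_remove_state(struct model_state *st)
{
    st->timeout = PFTM_UNLINK;
    st->key = NULL;
}

/* Deferred-send path. Assumes the caller holds the same lock as the purge
 * path (NET_LOCK in the commit message); this model is single-threaded. */
static enum notify_result model_undefer_notify(const struct model_state *st)
{
    if (st->timeout == PFTM_UNLINK)
        return SKIPPED_UNLINKED;  /* keys are gone: st->key->af must not be read */
    switch (st->key->af) {
    case MODEL_AF_INET:  return SENT_V4;
    case MODEL_AF_INET6: return SENT_V6;
    default:             return UNKNOWN_AF;
    }
}

/* Build a state, optionally purge it while "deferred", then notify. */
static enum notify_result run_scenario(int af, int purge_first)
{
    struct model_state_key k = { af };
    struct model_state st = { &k, MODEL_TM_ACTIVE };
    if (purge_first)
        model_remove_state(&st);
    return model_undefer_notify(&st);
}

int main(void)
{
    printf("live v4: %d, purged v4: %d\n",
        run_scenario(MODEL_AF_INET, 0), run_scenario(MODEL_AF_INET, 1));
    return 0;
}
```

Without the `PFTM_UNLINK` test, the purged scenario would read the address family through a NULL key pointer.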