upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-03-31 23:15:10 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

wg_input: avoid leaking due to an m_defrag failure

Browse source 
m_defrag() will not free the chain on failure, leaking the mbuf.

Obtained from:	OpenBSD
MFC after:	3 days
This commit is contained in:
Kyle Evans 2021-03-07 20:49:00 -06:00
parent d9a50109e2
commit df55485085
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
sys/dev/if_wg/module/if_wg_session.c
View file

@ -1905,7 +1905,13 @@ wg_input(struct mbuf *m0, int offset, struct inpcb *inpcb,
m_adj(m0, hlen);
if ((m = m_defrag(m0, M_NOWAIT)) == NULL) {
/*
* Ensure mbuf is contiguous over full length of the packet. This is
* done so that we can directly read the handshake values in
* wg_handshake, and so we can decrypt a transport packet by passing a
* a single buffer to noise_remote_decrypt() in wg_decap.
*/
if ((m = m_pullup(m0, m0->m_pkthdr.len)) == NULL) {
DPRINTF(sc, "DEFRAG fail\n");
return;
}