netbsd-bugs: PR/35273 CVS commit: src/sys/netinet

Subject: PR/35273 CVS commit: src/sys/netinet
To: None <joerg@NetBSD.org, gnats-admin@netbsd.org, netbsd-bugs@netbsd.org,>
From: Joerg Sonnenberger <joerg@netbsd.org>
List: netbsd-bugs
Date: 01/13/2007 23:15:05

The following reply was made to PR kern/35273; it has been noted by GNATS.

From: Joerg Sonnenberger <joerg@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: PR/35273 CVS commit: src/sys/netinet
Date: Sat, 13 Jan 2007 23:13:46 +0000 (UTC)

 Module Name:	src
 Committed By:	joerg
 Date:		Sat Jan 13 23:13:46 UTC 2007

 Modified Files:
 	src/sys/netinet: ip_output.c

 Log Message:
 Unconditionally zero and free iproute. Before IPsec tunnel packets e.g.
 from ICMP could end up in leaking the reference in iproute, as
 ipsec4_output would overwrite the ro pointer in state.

 Tested by Juraj Hercek and supposed to fix PR kern/35273 and kern/35318.

 To generate a diff of this commit:
 cvs rdiff -r1.173 -r1.174 src/sys/netinet/ip_output.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.