NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

kern/53075: nd6_dad_duplicated gets called with NULL argument

>Number:         53075
>Category:       kern
>Synopsis:       nd6_dad_duplicated gets called with NULL argument
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Mar 06 19:25:00 +0000 2018
>Originator:     Martin Husemann
>Release:        NetBSD 8.99.12
The NetBSD Foundation, Inc.
System: NetBSD 8.99.12 NetBSD 8.99.12 (NIGHT-OWL) #586: Tue Mar 6 20:09:36 CET 2018 amd64
Architecture: x86_64
Machine: amd64

If I enable DAD (which is the default), I get an ~instant crash as soon
as my machine connects to a certain wlan.

I used to have DAD globally disabled for PR 48450 and only just enabled
it again to test Roy's DAD changes. This issue is older though.

see above

This patch avoids the crash, but I haven't checked if this is a legitimate
call or caused by some other bug. And I don't know if just ignoring the
call is the right thing to do.

Index: nd6_nbr.c
RCS file: /cvsroot/src/sys/netinet6/nd6_nbr.c,v
retrieving revision 1.150
diff -u -p -r1.150 nd6_nbr.c
--- nd6_nbr.c	6 Mar 2018 11:21:31 -0000	1.150
+++ nd6_nbr.c	6 Mar 2018 19:14:03 -0000
@@ -1385,11 +1385,15 @@ done:
 static void
 nd6_dad_duplicated(struct dadq *dp)
-	struct ifaddr *ifa = dp->dad_ifa;
+	struct ifaddr *ifa;
 	struct in6_ifaddr *ia;
 	struct ifnet *ifp;
 	char ip6buf[INET6_ADDRSTRLEN];
+	if (dp == NULL)
+		return;
+	ifa = dp->dad_ifa;
 	KASSERT(ifa != NULL);

Home | Main Index | Thread Index | Old Index