aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorXin LI <delphij@FreeBSD.org>2017-04-27 06:52:30 +0000
committerXin LI <delphij@FreeBSD.org>2017-04-27 06:52:30 +0000
commit30bf2773be254beb670c54634f7eda7e43c4a1c2 (patch)
tree7ab86de8bd19d80b9b93bf17298a81ef1c7c8f8a
parentc82f6a05864465cdd3dcff08cf10791a6f90835e (diff)
downloadsrc-30bf2773be254beb670c54634f7eda7e43c4a1c2.tar.gz
src-30bf2773be254beb670c54634f7eda7e43c4a1c2.zip
Fix ipfilter(4) fragment handling panic.
Security: FreeBSD-SA-17:04.ipfilter Approved by: so
Notes
Notes: svn path=/releng/10.3/; revision=317487
-rw-r--r--UPDATING4
-rw-r--r--sys/conf/newvers.sh2
-rw-r--r--sys/contrib/ipfilter/netinet/ip_frag.c2
3 files changed, 6 insertions, 2 deletions
diff --git a/UPDATING b/UPDATING
index 0688d5a40ea5..a1bef139f673 100644
--- a/UPDATING
+++ b/UPDATING
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of
stable/10, and then rebuild without this option. The bootstrap process from
older version of current is a bit fragile.
+20170427 p19 FreeBSD-SA-17:04.ipfilter
+
+ Fix ipfilter(4) fragment handling panic. [SA-17:04]
+
20170412 p18 FreeBSD-SA-17:03.ntp
FreeBSD-EN-17:05.xen
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index a67acf9a1080..88c6932dd3ee 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="10.3"
-BRANCH="RELEASE-p18"
+BRANCH="RELEASE-p19"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
diff --git a/sys/contrib/ipfilter/netinet/ip_frag.c b/sys/contrib/ipfilter/netinet/ip_frag.c
index 7e3457a91b79..10dee0919de8 100644
--- a/sys/contrib/ipfilter/netinet/ip_frag.c
+++ b/sys/contrib/ipfilter/netinet/ip_frag.c
@@ -456,7 +456,7 @@ ipfr_frag_new(softc, softf, fin, pass, table
IPFR_CMPSZ)) {
RWLOCK_EXIT(lock);
FBUMPD(ifs_exists);
- KFREE(fra);
+ KFREE(fran);
return NULL;
}