xnu-792.24.17.tar.gz

[apple/xnu.git] / bsd / netinet / ip_input.c

diff --git a/bsd/netinet/ip_input.c b/bsd/netinet/ip_input.c
index 89f607747655b1e15cb41b0d86adf810e1522719..f567de39e488da39e42a107375369d7d7feb5181 100644 (file)
--- a/bsd/netinet/ip_input.c
+++ b/bsd/netinet/ip_input.c
@@ -685,8 +685,10 @@ iphack:
        if (fr_checkp) {
                struct  mbuf    *m1 = m;
 
-               if (fr_checkp(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1)
+               if (fr_checkp(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1) {
+                       lck_mtx_unlock(ip_mutex);
                        return;
+               }
                ip = mtod(m = m1, struct ip *);
        }
        if (fw_enable && IPFW_LOADED) {
@@ -700,22 +702,24 @@ iphack:
 #endif /* IPFIREWALL_FORWARD */
 
                args.m = m;
+               lck_mtx_unlock(ip_mutex);
+
                i = ip_fw_chk_ptr(&args);
                m = args.m;
 
                if ( (i & IP_FW_PORT_DENY_FLAG) || m == NULL) { /* drop */
                        if (m)
-              m_freem(m);
-                       lck_mtx_unlock(ip_mutex);
+                               m_freem(m);
                        return;
                }
                ip = mtod(m, struct ip *); /* just in case m changed */
-               if (i == 0 && args.next_hop == NULL)    /* common case */
+               if (i == 0 && args.next_hop == NULL) {  /* common case */
+                       lck_mtx_lock(ip_mutex);
                        goto pass;
+               }
 #if DUMMYNET
                 if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG) != 0) {
                        /* Send packet to the appropriate pipe */
-                       lck_mtx_unlock(ip_mutex);
                        ip_dn_io_ptr(m, i&0xffff, DN_TO_IP_IN, &args);
                        return;
                }
@@ -723,19 +727,21 @@ iphack:
 #if IPDIVERT
                if (i != 0 && (i & IP_FW_PORT_DYNT_FLAG) == 0) {
                        /* Divert or tee packet */
+                       lck_mtx_lock(ip_mutex);
                        div_info = i;
                        goto ours;
                }
 #endif
 #if IPFIREWALL_FORWARD
-               if (i == 0 && args.next_hop != NULL)
+               if (i == 0 && args.next_hop != NULL) {
+                       lck_mtx_lock(ip_mutex);
                        goto pass;
+               }
 #endif
                /*
                 * if we get here, the packet must be dropped
                 */
                m_freem(m);
-               lck_mtx_unlock(ip_mutex);
                return;
        }
 pass:
@@ -2271,8 +2277,12 @@ ip_savecontrol(
                ifnet_head_lock_shared();
                if (((ifp = m->m_pkthdr.rcvif)) 
                && ( ifp->if_index && (ifp->if_index <= if_index))) {
-                       sdp = (struct sockaddr_dl *)(ifnet_addrs
-                                       [ifp->if_index - 1]->ifa_addr);
+                       struct ifaddr *ifa = ifnet_addrs[ifp->if_index - 1];
+                       
+                       if (!ifa || !ifa->ifa_addr)
+                               goto makedummy;
+                       
+                       sdp = (struct sockaddr_dl *)ifa->ifa_addr;
                        /*
                         * Change our mind and don't try copy.
                         */