pflow: handle unattached states

It's possible for states to be cleaned up (through pf_detach_state()) that
have not been fully attached. For example if there's an ID conflict during
pf_state_insert().

pflow exports states from pf_detach_state(), so it can get called on such
states, but did not account for this and could end up dereferencing a NULL
state key.

Check for this in export_pflow() and do not export unattached states.

See also:	https://redmine.pfsense.org/issues/15446
Sponsored by:	Rubicon Communications, LLC ("Netgate")
This commit is contained in:
Kristof Provost
2024-04-29 11:51:17 +02:00
parent 86fbb05da1
commit 221d459fbc
+4
View File
@@ -750,6 +750,10 @@ export_pflow(const struct pf_kstate *st)
NET_EPOCH_ASSERT();
/* e.g. if pf_state_key_attach() fails. */
if (st->key[PF_SK_STACK] == NULL || st->key[PF_SK_WIRE] == NULL)
return;
sk = st->key[st->direction == PF_IN ? PF_SK_WIRE : PF_SK_STACK];
CK_LIST_FOREACH(sc, &V_pflowif_list, sc_next) {