aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sys/netinet/in_pcb.c6
-rw-r--r--sys/netinet6/in6_pcb.c6
2 files changed, 8 insertions, 4 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 350d08360105..5fddff89dd0a 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -2254,8 +2254,10 @@ in_pcblookup_hash_wild_smr(struct inpcbinfo *pcbinfo, struct in_addr faddr,
continue;
if (__predict_true(inp_smr_lock(inp, lockflags))) {
- if (__predict_true(in_pcblookup_wild_match(inp, laddr,
- lport) != INPLOOKUP_MATCH_NONE))
+ match = in_pcblookup_wild_match(inp, laddr, lport);
+ if (match != INPLOOKUP_MATCH_NONE &&
+ prison_check_ip4_locked(inp->inp_cred->cr_prison,
+ &laddr) == 0)
return (inp);
inp_unlock(inp, lockflags);
}
diff --git a/sys/netinet6/in6_pcb.c b/sys/netinet6/in6_pcb.c
index da7ed5ca79e0..43f567461598 100644
--- a/sys/netinet6/in6_pcb.c
+++ b/sys/netinet6/in6_pcb.c
@@ -1021,8 +1021,10 @@ in6_pcblookup_hash_wild_smr(struct inpcbinfo *pcbinfo,
continue;
if (__predict_true(inp_smr_lock(inp, lockflags))) {
- if (__predict_true(in6_pcblookup_wild_match(inp, laddr,
- lport) != INPLOOKUP_MATCH_NONE))
+ match = in6_pcblookup_wild_match(inp, laddr, lport);
+ if (match != INPLOOKUP_MATCH_NONE &&
+ prison_check_ip6_locked(inp->inp_cred->cr_prison,
+ laddr) == 0)
return (inp);
inp_unlock(inp, lockflags);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 04:23:45 +0000