Commit e5ca5e80 authored by Kristof Provost's avatar Kristof Provost
Browse files

pf: ensure we don't destroy an uninitialised lock

The new lock introduced in 5f5e32f1 needs to be initialised early so
that it can be safely destroyed if we error out.

MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
parent 340cebe9
......@@ -1862,6 +1862,8 @@ pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket,
int rs_num;
int error = 0;
mtx_init(&rule->rpool.mtx, "pf_krule_pool", NULL, MTX_DEF);
if ((rule->return_icmp >> 8) > ICMP_MAXTYPE) {
error = EINVAL;
goto errout_unlocked;
......@@ -2002,7 +2004,6 @@ pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket,
rule, entries);
mtx_init(&rule->rpool.mtx, "pf_krule_pool", NULL, MTX_DEF);
return (0);
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment