Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 25 Feb 2016 01:08:14 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-stable@FreeBSD.org
Subject:   [Bug 207463] [patch] stable/10/sys/netpfil/pf/pf_ioctl.c:pfioctl(DIOCRSETADDRS) buffer overflow
Message-ID:  <bug-207463-8075-84J7j5Kv9F@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-207463-8075@https.bugs.freebsd.org/bugzilla/>
References:  <bug-207463-8075@https.bugs.freebsd.org/bugzilla/>

next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D207463

--- Comment #2 from Paul J Murphy <paul@inetstat.net> ---
Yes, you are correct.  My patch was sufficient only for the default usage by
/sbin/pfctl, but left scope for other usage to cause problems.  I've looked
over your patch, and it looks good to me.  The existing buffer protection c=
ode
in pfr_set_addrs() also looks like it will handle a smaller size2 cleanly. =
 I
have just updated my releng/10.2 system to stable/10's sys/netpfil/pf and
sbin/pfctl, with your patch applied to it, and it seems to both pass a quick
and basic functionality test, and fix bug #192677 (it is now successfully
replacing a pf table with over 130,000 addrs, where 10.2-p12 fails for anyt=
hing
over around 65,000).

Thanks.

--=20
You are receiving this mail because:
You are on the CC list for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-207463-8075-84J7j5Kv9F>