Date: Wed, 2 Oct 2002 06:25:46 -0700 From: Luigi Rizzo <rizzo@icir.org> To: Andrey Simonenko <simon@simon.org.ua> Cc: freebsd-net@FreeBSD.ORG Subject: Re: Q about sbin/ipfw2.c:list() Message-ID: <20021002062546.C22163@iguana.icir.org> In-Reply-To: <20021002141006.A1093-100000@lion.com.ua>; from simon@simon.org.ua on Wed, Oct 02, 2002 at 02:15:42PM %2B0300 References: <20021002141006.A1093-100000@lion.com.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Oct 02, 2002 at 02:15:42PM +0300, Andrey Simonenko wrote: > Hello, > > Why is it needed to check both r->rulenum and (void *)r < lim in > sbin/ipfw2.c:list() ? because the buffer has a limited size (nbytes) and you don't want to read past it. However there is a bug in the code below, because you should swap the checks (void *)r < lim && r->rulenum < 65535 Whether ipfw1.c has the same bug or not i don't remember, but that is irrelevant anyways. cheers luigi > /* > * Count static rules. They have variable size so we > * need to scan the list to count them. > */ > for (nstat = 1, r = data, lim = data + nbytes; > r->rulenum < 65535 && (void *)r < lim; > ++nstat, r = (void *)r + RULESIZE(r) ) > ; /* nothing */ > > Can I simply check r->rulenum < 65535 as it is done in sbin/ipfw.c:list() > ? > > TIA > > ps: please CC to my email. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021002062546.C22163>