Date: Wed, 2 Oct 2002 12:56:27 -0400 From: Barney Wolff <barney@tp.databus.com> To: Luigi Rizzo <rizzo@icir.org> Cc: Andrey Simonenko <simon@simon.org.ua>, freebsd-net@FreeBSD.ORG Subject: Re: Q about sbin/ipfw2.c:list() Message-ID: <20021002165627.GA75843@tp.databus.com> In-Reply-To: <20021002062546.C22163@iguana.icir.org> References: <20021002141006.A1093-100000@lion.com.ua> <20021002062546.C22163@iguana.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hmmm. In ipfw1 there is always a rule 65535, unless I'm confused. Is that not true of ipfw2? In either case, should it or should it not be counted? Can it ever be deleted? Can one have multiple rules with the same number, as one can with ipfw1? What happens if there are multiple rules with number 65535? I know, UTSL. On Wed, Oct 02, 2002 at 06:25:46AM -0700, Luigi Rizzo wrote: > On Wed, Oct 02, 2002 at 02:15:42PM +0300, Andrey Simonenko wrote: > > Hello, > > > > Why is it needed to check both r->rulenum and (void *)r < lim in > > sbin/ipfw2.c:list() ? > > because the buffer has a limited size (nbytes) and you don't want > to read past it. However there is a bug in the code below, > because you should swap the checks (void *)r < lim && r->rulenum < 65535 > > Whether ipfw1.c has the same bug or not i don't remember, but that > is irrelevant anyways. -- Barney Wolff I'm available by contract or FT: http://www.databus.com/bwresume.pdf To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021002165627.GA75843>