Date: Fri, 14 Aug 2009 10:25:14 +0000 (UTC) From: Julian Elischer <julian@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/sys/netinet/ipfw ip_fw2.c Message-ID: <200908141025.n7EAPasv053147@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
julian 2009-08-14 10:25:14 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_8)
sys/netinet/ipfw ip_fw2.c
Log:
SVN rev 196202 on 2009-08-14 10:25:14Z by julian
MFC of r196201
URL: http://svn.freebsd.org/changeset/base/196201
Fix ipfw crash on uid or gid check.
Receiving any ip packet for which there is no existing socket will
crash if ipfw has a uid or gid test rule, as the uid/gid
of the non existent owner of said non existent socket is tested.
Brooks introduced this error as part of his >16 gids patch.
It appears to be a cut-n-paste error from similar code a few lines
before. The old code used the 'pcb' variable here, but in the
new code that switched the 'inp' variable, which is often NULL
and what is tested in the code further up. The rest of the multi-gid
patch for ipfw seems solid (and cleaner than previous code).
p.s. What's up with all the properties changing? It is a fresh checkout.
Reviewed by: brooks
Approved by: re (rwatson)
Revision Changes Path
1.11.2.2 +1 -1 src/sys/netinet/ipfw/ip_fw2.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200908141025.n7EAPasv053147>