Date: Sun, 5 Mar 2017 22:19:43 +0000 (UTC)
From: "Andrey V. Elsukov" <ae@FreeBSD.org>
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r314715 - head/sys/netpfil/ipfw
Message-ID: <201703052219.v25MJhrq096983@repo.freebsd.org>
Author: ae Date: Sun Mar 5 22:19:43 2017 New Revision: 314715 URL: https://svnweb.freebsd.org/changeset/base/314715 Log: Reject invalid object types that can not be used with specific opcodes. When we doing reference counting of named objects in the new rule, for existing objects check that opcode references to correct object, otherwise return EINVAL. PR: 217391 MFC after: 1 week Sponsored by: Yandex LLC Modified: head/sys/netpfil/ipfw/ip_fw_sockopt.c Modified: head/sys/netpfil/ipfw/ip_fw_sockopt.c ============================================================================== --- head/sys/netpfil/ipfw/ip_fw_sockopt.c Sun Mar 5 21:56:04 2017 (r314714) +++ head/sys/netpfil/ipfw/ip_fw_sockopt.c Sun Mar 5 22:19:43 2017 (r314715) @@ -2669,7 +2669,14 @@ ref_opcode_object(struct ip_fw_chain *ch return (0); } - /* Found. Bump refcount and update kidx. */ + /* + * Object is already exist. + * Its subtype should match with expected value. + */ + if (ti->type != no->subtype) + return (EINVAL); + + /* Bump refcount and update kidx. */ no->refcnt++; rw->update(cmd, no->kidx); return (0);
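Review bot: In the ref_opcode_object() hunk, the new check `if (ti->type != no->subtype)` compares two differently named fields, and the comment above it ("Its subtype should match with expected value") does not say that `ti->type` is the expected value for the opcode being processed; spelling that out in the comment would make it clear why a mismatch is rejected. The comment's first sentence should read "Object already exists." The EINVAL return correctly sits before `no->refcnt++`, so this function takes no reference on the mismatched object, but the visible lines do not show whether the caller releases references already taken for earlier opcodes of the same rule when it sees this new error, which is worth confirming. If the function's header comment lists its return values, EINVAL should be added there.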