Date: Sun, 19 Oct 2014 11:15:19 +0000 (UTC) From: "Alexander V. Chernikov" <melifaro@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r273274 - head/sys/netpfil/ipfw Message-ID: <201410191115.s9JBFJxA058370@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: melifaro Date: Sun Oct 19 11:15:19 2014 New Revision: 273274 URL: https://svnweb.freebsd.org/changeset/base/273274 Log: Perform more checks on the number of tables supplied by user. Modified: head/sys/netpfil/ipfw/ip_fw_table.c Modified: head/sys/netpfil/ipfw/ip_fw_table.c ============================================================================== --- head/sys/netpfil/ipfw/ip_fw_table.c Sun Oct 19 11:06:54 2014 (r273273) +++ head/sys/netpfil/ipfw/ip_fw_table.c Sun Oct 19 11:15:19 2014 (r273274) @@ -1489,6 +1489,21 @@ destroy_table(struct ip_fw_chain *ch, st return (0); } +static uint32_t +roundup2p(uint32_t v) +{ + + v--; + v |= v >> 1; + v |= v >> 2; + v |= v >> 4; + v |= v >> 8; + v |= v >> 16; + v++; + + return (v); +} + /* * Grow tables index. * @@ -1505,8 +1520,12 @@ ipfw_resize_tables(struct ip_fw_chain *c int i, new_blocks; /* Check new value for validity */ + if (ntables == 0) + return (EINVAL); if (ntables > IPFW_TABLES_MAX) ntables = IPFW_TABLES_MAX; + /* Alight to nearest power of 2 */ + ntables = (unsigned int)roundup2p(ntables); /* Allocate new pointers */ tablestate = malloc(ntables * sizeof(struct table_info),
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410191115.s9JBFJxA058370>