Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 19 Oct 2014 11:15:19 +0000 (UTC)
From:      "Alexander V. Chernikov" <melifaro@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r273274 - head/sys/netpfil/ipfw
Message-ID:  <201410191115.s9JBFJxA058370@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: melifaro
Date: Sun Oct 19 11:15:19 2014
New Revision: 273274
URL: https://svnweb.freebsd.org/changeset/base/273274

Log:
  Perform more checks on the number of tables supplied by user.

Modified:
  head/sys/netpfil/ipfw/ip_fw_table.c

Modified: head/sys/netpfil/ipfw/ip_fw_table.c
==============================================================================
--- head/sys/netpfil/ipfw/ip_fw_table.c	Sun Oct 19 11:06:54 2014	(r273273)
+++ head/sys/netpfil/ipfw/ip_fw_table.c	Sun Oct 19 11:15:19 2014	(r273274)
@@ -1489,6 +1489,21 @@ destroy_table(struct ip_fw_chain *ch, st
 	return (0);
 }
 
+static uint32_t
+roundup2p(uint32_t v)
+{
+
+	v--;
+	v |= v >> 1;
+	v |= v >> 2;
+	v |= v >> 4;
+	v |= v >> 8;
+	v |= v >> 16;
+	v++;
+
+	return (v);
+}
+
 /*
  * Grow tables index.
  *
@@ -1505,8 +1520,12 @@ ipfw_resize_tables(struct ip_fw_chain *c
 	int i, new_blocks;
 
 	/* Check new value for validity */
+	if (ntables == 0)
+		return (EINVAL);
 	if (ntables > IPFW_TABLES_MAX)
 		ntables = IPFW_TABLES_MAX;
+	/* Alight to nearest power of 2 */
+	ntables = (unsigned int)roundup2p(ntables); 
 
 	/* Allocate new pointers */
 	tablestate = malloc(ntables * sizeof(struct table_info),



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410191115.s9JBFJxA058370>