Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 8 Apr 2024 20:25:57 GMT
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 3798c6487a21 - stable/13 - ipfw: Skip to the start of the loop when following a keep-state rule
Message-ID:  <202404082025.438KPvTl040216@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=3798c6487a21454020493517b613cda9a1753faf

commit 3798c6487a21454020493517b613cda9a1753faf
Author:     Karim Fodil-Lemelin <kfl@xiplink.com>
AuthorDate: 2024-02-16 01:57:51 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2024-04-08 17:57:57 +0000

    ipfw: Skip to the start of the loop when following a keep-state rule
    
    When a packet matches an existing dynamic rule for a keep-state rule,
    the matching engine advances the "instruction pointer" to the action
    portion of the rule skipping over the match conditions.  However, the
    code was merely breaking out of the switch statement rather than doing
    a continue, so the remainder of the loop body after the switch was
    still executed.  If the first action opcode contains an F_NOT but not
    an F_OR (such as an "untag" action), then match is toggled to 0, and
    the code exits the inner loop via a break which aborts processing of
    the actions.
    
    To fix, just use a continue instead of a break.
    
    PR:             276732
    Reviewed by:    jhb, ae
    MFC after:      2 weeks
    
    (cherry picked from commit 62b1faa3b7495de22a3225e42dabe6ce8c371e86)
---
 sys/netpfil/ipfw/ip_fw2.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c
index 59faaba2f79b..5a96872f9c4f 100644
--- a/sys/netpfil/ipfw/ip_fw2.c
+++ b/sys/netpfil/ipfw/ip_fw2.c
@@ -2849,8 +2849,7 @@ do {								\
 					cmd = ACTION_PTR(f);
 					l = f->cmd_len - f->act_ofs;
 					cmdlen = 0;
-					match = 1;
-					break;
+					continue;
 				}
 				/*
 				 * Dynamic entry not found. If CHECK_STATE,

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202404082025.438KPvTl040216>