From owner-freebsd-bugs@FreeBSD.ORG Sat Jan 10 07:20:20 2004 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A83E316A4CE for ; Sat, 10 Jan 2004 07:20:20 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 14DDC43D5C for ; Sat, 10 Jan 2004 07:20:17 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i0AFKGFR038602 for ; Sat, 10 Jan 2004 07:20:16 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i0AFKGsF038601; Sat, 10 Jan 2004 07:20:16 -0800 (PST) (envelope-from gnats) Resent-Date: Sat, 10 Jan 2004 07:20:16 -0800 (PST) Resent-Message-Id: <200401101520.i0AFKGsF038601@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Bruce Cran Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 714AE16A4CE for ; Sat, 10 Jan 2004 07:19:49 -0800 (PST) Received: from mta6-svc.business.ntl.com (mta6-svc.business.ntl.com [62.253.164.46]) by mx1.FreeBSD.org (Postfix) with ESMTP id A998343D41 for ; Sat, 10 Jan 2004 07:19:47 -0800 (PST) (envelope-from bruce@cran.org.uk) Received: from box1.cran ([81.107.228.115]) by mta6-svc.business.ntl.com (InterMail vM.4.01.03.37 201-229-121-137-20020806) with ESMTP id <20040110151946.ZKUC7358.mta6-svc.business.ntl.com@box1.cran> for ; Sat, 10 Jan 2004 15:19:46 +0000 Received: from box1.cran (localhost.cran [127.0.0.1]) by box1.cran (8.12.10/8.12.10) with ESMTP id i0AFEgC2036513 for ; Sat, 10 Jan 2004 15:14:42 GMT (envelope-from brucec@box1.cran) Received: (from brucec@localhost) by box1.cran (8.12.10/8.12.10/Submit) id i0AFEfDS036512; Sat, 10 Jan 2004 15:14:41 GMT (envelope-from brucec) Message-Id: <200401101514.i0AFEfDS036512@box1.cran> Date: Sat, 10 Jan 2004 15:14:41 GMT From: Bruce Cran To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: kern/61174: patch to bridge.c: range checking for bridge.enable X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Bruce Cran List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 15:20:20 -0000 >Number: 61174 >Category: kern >Synopsis: patch to bridge.c: range checking for bridge.enable >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Jan 10 07:20:16 PST 2004 >Closed-Date: >Last-Modified: >Originator: Bruce Cran >Release: FreeBSD 5.2-RC i386 >Organization: >Environment: System: FreeBSD box1.cran 5.2-RC FreeBSD 5.2-RC #0: Sat Jan 10 04:45:11 GMT 2004 brucec@box1.cran:/usr/obj/usr/src/sys/MYKERNEL i386 FreeBSD 5.2-RC2 system with bridge module loaded >Description: sysctl net.link.ether.bridge.enable accepts any 32-bit value, not just 0 or 1 >How-To-Repeat: run sysctl net.link.ether.bridge.enable=10000 >Fix: apply the following patch: --- /sys/net/bridge.c Fri Oct 31 18:32:08 2003 +++ bridge.c Sat Jan 10 14:59:10 2004 @@ -563,7 +563,10 @@ int error; error = sysctl_handle_int(oidp, &enable, 0, req); - BDG_LOCK(); + if( (enable > 1) || (enable < 0) ) + return (EINVAL); + + BDG_LOCK(); if (enable != do_bridge) { do_bridge = enable; reconfigure_bridge_locked(); >Release-Note: >Audit-Trail: >Unformatted: