Date: Wed, 19 Feb 2025 10:41:42 GMT From: Kristof Provost <kp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 2514ac810dc9 - main - pfctl: Don't allow embedded nul characters in strings. Message-ID: <202502191041.51JAfgdf035474@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=2514ac810dc992c6a9ae6854b9a06bba6eb10782 commit 2514ac810dc992c6a9ae6854b9a06bba6eb10782 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2025-02-12 16:36:47 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2025-02-19 10:41:10 +0000 pfctl: Don't allow embedded nul characters in strings. Fixes a pfctl crash with an anchor name containing an embedded nul found with the afl fuzzer. pfctl parse.y patch from and ok deraadt@ Obtained from: OpenBSD, jsg <jsg@openbsd.org>, 41eef22fad Sponsored by: Rubicon Communications, LLC ("Netgate") --- sbin/pfctl/parse.y | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 522d2a910de7..f3334c961909 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -6795,6 +6795,9 @@ top: } else if (c == quotec) { *p = '\0'; break; + } else if (c == '\0') { + yyerror("syntax error"); + return (findeol()); } if (p + 1 >= buf + sizeof(buf) - 1) { yyerror("string too long");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202502191041.51JAfgdf035474>