pf: fix overly large copy in pf_rule_to_krule()

The timeout array in struct pf_rule has PFTM_OLD_MAX entries, the one in
struct pf_krule has PFTM_MAX entries (and PFTM_MAX > PFTM_OLD_MAX).
Use the smaller of the sizes when copying.

Reported by:	CheriBSD
MFC after:	1 week
Event:		Kitchener-Waterloo Hackathon 202406
Kristof Provost 2024-06-04 14:55:02 +02:00
parent 9712479723
commit 4779b16fa6


@ -1972,7 +1972,8 @@ pf_rule_to_krule(const struct pf_rule *rule, struct pf_krule *krule)
krule->os_fingerprint = rule->os_fingerprint;
krule->rtableid = rule->rtableid;
bcopy(rule->timeout, krule->timeout, sizeof(krule->timeout));
/* pf_rule->timeout is smaller than pf_krule->timeout */
bcopy(rule->timeout, krule->timeout, sizeof(rule->timeout));
krule->max_states = rule->max_states;
krule->max_src_nodes = rule->max_src_nodes;
krule->max_src_states = rule->max_src_states;
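Review bot: the new bcopy is bounded by the source size only because the comment asserts that pf_rule->timeout is the smaller array; nothing in the hunk enforces that, so if PFTM_OLD_MAX were ever raised above PFTM_MAX the destination overrun would come back silently. Either make the copy match the commit message literally, `bcopy(rule->timeout, krule->timeout, MIN(sizeof(rule->timeout), sizeof(krule->timeout)));`, or keep the sizeof(rule->timeout) bound and add a compile-time check next to it, e.g. `CTASSERT(sizeof(((struct pf_rule *)0)->timeout) <= sizeof(((struct pf_krule *)0)->timeout));`, so the assumption in the comment fails the build instead of the copy. Also worth noting in the comment that the krule->timeout entries at index PFTM_OLD_MAX and above are not written by this copy, so the caller is relied on to have zeroed (or otherwise initialised) the krule before pf_rule_to_krule() runs.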