Check the length of the ipv4 and ipv6 address lists. It must be less
than F_LEN_MASK. MFC after: 5 days
This commit is contained in:
parent
1190a85bef
commit
268f526c05
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=162363
@ -2859,6 +2859,8 @@ fill_ip(ipfw_insn_ip *cmd, char *av)
|
||||
len += 2; /* two words... */
|
||||
d += 2;
|
||||
} /* end while */
|
||||
if (len + 1 > F_LEN_MASK)
|
||||
errx(EX_DATAERR, "address list too long");
|
||||
cmd->o.len |= len+1;
|
||||
}
|
||||
|
||||
@ -3010,6 +3012,8 @@ fill_ip6(ipfw_insn_ip6 *cmd, char *av)
|
||||
* Total length of the command, remember that 1 is the size of
|
||||
* the base command.
|
||||
*/
|
||||
if (len + 1 > F_LEN_MASK)
|
||||
errx(EX_DATAERR, "address list too long");
|
||||
cmd->o.len |= len+1;
|
||||
free(av);
|
||||
return (1);
|
||||
|
Loading…
Reference in New Issue
Block a user