d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix command: ipfw set (enable|disable) N (where N > 4).

Browse Source 
enable_sets() expects set bitmasks, not set numbers.

MFC after:	3 days
This commit is contained in:
Oleg Bulyzhin 2016-08-15 13:06:29 +00:00
parent 40de550ba7
commit e7560c836f
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=304154
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sys/netpfil/ipfw/ip_fw_sockopt.c
View File

@ -1420,8 +1420,10 @@ manage_sets(struct ip_fw_chain *chain, ip_fw3_opheader *op3,
if (rh->range.head.length != sizeof(ipfw_range_tlv))
return (1);
if (rh->range.set >= IPFW_MAX_SETS ||
rh->range.new_set >= IPFW_MAX_SETS)
/* enable_sets() expects bitmasks. */
if (op3->opcode != IP_FW_SET_ENABLE &&
(rh->range.set >= IPFW_MAX_SETS ||
rh->range.new_set >= IPFW_MAX_SETS))
return (EINVAL);
ret = 0;