Properly initialize args structure before passing it to ipfw_chk(): having

uninitialized args.inp is unhealthy for uid/gid/jail ipfw rules. PR: kern/92589 Approved by: glebius (mentor) MFC after: 1 week
2006-02-03 23:03:07 +00:00 · 2006-02-03 23:03:07 +00:00 · 3ecf1851df
commit 3ecf1851df
parent 37f84a6018
2 changed files with 2 additions and 0 deletions
--- a/sys/net/if_bridge.c
+++ b/sys/net/if_bridge.c
@ -2647,6 +2647,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
 		args.oif = ifp;
 		args.next_hop = NULL;
 		args.eh = &eh2;
+		args.inp = NULL;	/* used by ipfw uid/gid/jail rules */
 		i = ip_fw_chk_ptr(&args);
 		*mp = args.m;

--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@ -426,6 +426,7 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
 	args.rule = *rule;	/* matching rule to restart		*/
 	args.next_hop = NULL;	/* we do not support forward yet	*/
 	args.eh = &save_eh;	/* MAC header for bridged/MAC packets	*/
+	args.inp = NULL;	/* used by ipfw uid/gid/jail rules	*/
 	i = ip_fw_chk_ptr(&args);
 	m = args.m;
 	if (m != NULL) {