freebsd-nq/sys/netpfil/pf
Kristof Provost 7f3ad01804 pf_get_sport(): Prevent possible endless loop when searching for an unused nat port
This is an import of Alexander Bluhm's OpenBSD commit r1.60,
the first chunk had to be modified because on OpenBSD the
'cut' declaration is located elsewhere.

Upstream report by Jingmin Zhou:
https://marc.info/?l=openbsd-pf&m=150020133510896&w=2

OpenBSD commit message:
 Use a 32 bit variable to detect integer overflow when searching for
 an unused nat port.  Prevents a possible endless loop if high port
 is 65535 or low port is 0.
 report and analysis Jingmin Zhou; OK sashan@ visa@
Quoted from: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_lb.c

PR:		221201
Submitted by:	Fabian Keil <fk@fabiankeil.de>
Obtained from:  OpenBSD via ElectroBSD
MFC after:	1 week
2017-08-08 21:09:26 +00:00
..
if_pflog.c pflog: Correctly initialise subrulenr 2016-12-05 21:52:10 +00:00
if_pfsync.c Improve upon r309394 2016-12-10 03:31:38 +00:00
in4_cksum.c
pf_altq.h Add ALTQ(9) support for the CoDel algorithm. 2015-08-21 22:02:22 +00:00
pf_if.c Since curvnet is already properly set on entry to event handlers, 2017-04-25 08:30:28 +00:00
pf_ioctl.c pf: Fix vnet initialisation 2017-05-07 14:33:58 +00:00
pf_lb.c pf_get_sport(): Prevent possible endless loop when searching for an unused nat port 2017-08-08 21:09:26 +00:00
pf_mtag.h ALTQ FAIRQ discipline import from DragonFLY 2015-06-24 19:16:41 +00:00
pf_norm.c pf: Fix possible incorrect IPv6 fragmentation 2017-04-20 09:05:53 +00:00
pf_osfp.c pf: use inet_ntoa_r() instead of inet_ntoa(); maybe fix IPv6 OS fingerprinting 2017-02-16 20:44:44 +00:00
pf_ruleset.c
pf_table.c Fix VNET leakages in PF by V_irtualizing pfr_ktables and friends. 2017-04-25 08:34:39 +00:00
pf.c pf: Fix vnet purging 2017-07-09 17:56:39 +00:00
pf.h In the forwarding case refragment the reassembled packets with the same 2015-02-16 07:01:02 +00:00