d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
db0ac6ded6
freebsd-nq/sys/netpfil/ipfw
History
Mark Johnston 1c732c8591 dummynet: Fix socket option length validation for IP_DUMMYNET3 
The socket option handler tries to ensure that the option length is no
larger than some reasonable maximum, and no smaller than sizeof(struct
dn_id).  But the loaded option length is stored in an int, which is
converted to an unsigned integer for the comparison with a size_t, so
negative values are not caught and instead get passed to malloc().

Change the code to use a size_t for the buffer size.

Reviewed by:	kp
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D33133
2021-11-29 13:57:24 -05:00
..
nat64 netinet: Remove unneeded mb_unmapped_to_ext() calls 2021-11-24 13:31:16 -05:00
nptv6 net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
pmod net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
test net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
dn_aqm_codel.c VNETify dummynet 2021-06-03 09:01:56 +02:00
dn_aqm_codel.h net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
dn_aqm_pie.c VNETify dummynet 2021-06-03 09:01:56 +02:00
dn_aqm_pie.h net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
dn_aqm.h dummynet: Fix schedlist and aqmlist locking 2021-06-03 09:02:49 +02:00
dn_heap.c
dn_heap.h
dn_sched_fifo.c
dn_sched_fq_codel_helper.h net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
dn_sched_fq_codel.c VNETify dummynet 2021-06-03 09:01:56 +02:00
dn_sched_fq_codel.h VNETify dummynet 2021-06-03 09:01:56 +02:00
dn_sched_fq_pie.c VNETify dummynet 2021-06-03 09:01:56 +02:00
dn_sched_prio.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
dn_sched_qfq.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
dn_sched_rr.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
dn_sched_wf2q.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
dn_sched.h dummynet: Fix schedlist and aqmlist locking 2021-06-03 09:02:49 +02:00
dummynet.txt
ip_dn_glue.c ipfw: use unsigned int for dummynet bandwidth 2021-08-19 10:48:53 +02:00
ip_dn_io.c pf: support dummynet 2021-09-24 11:41:25 +02:00
ip_dn_private.h dummynet: Fix socket option length validation for IP_DUMMYNET3 2021-11-29 13:57:24 -05:00
ip_dummynet.c dummynet: Fix socket option length validation for IP_DUMMYNET3 2021-11-29 13:57:24 -05:00
ip_fw2.c ipfw: fix possible data race between jump cache reading and updating. 2021-08-17 11:08:28 +03:00
ip_fw_bpf.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ip_fw_dynamic.c ipfw: remove unnecessary TCP related includes 2021-11-18 00:54:28 -08:00
ip_fw_eaction.c
ip_fw_iface.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ip_fw_log.c ipfw: remove unnecessary TCP related includes 2021-11-18 00:54:28 -08:00
ip_fw_nat.c Add required checks for unmapped mbufs in ipdivert and ipfw 2021-04-21 15:47:05 -04:00
ip_fw_pfil.c ipfw: Update the pfil mbuf pointer in ipfw_check_frame() 2021-06-16 09:46:56 -04:00
ip_fw_private.h ipfw: fix possible data race between jump cache reading and updating. 2021-08-17 11:08:28 +03:00
ip_fw_sockopt.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ip_fw_table_algo.c Fix LINT-NOINET6 build after r368571. 2020-12-14 22:54:32 +00:00
ip_fw_table_value.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ip_fw_table.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ip_fw_table.h net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00