d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
84233445c4
freebsd-skq/sys/netpfil/pf
History
kp 9fe8ed111f pf: Fix panic on invalid DIOCRSETTFLAGS 
If during DIOCRSETTFLAGS pfrio_buffer is NULL copyin() will fault, which we're
not allowed to do with a lock held.
We must count the number of entries in the table and release the lock during
copyin(). Only then can we re-acquire the lock. Note that this is safe, because
pfr_set_tflags() will check if the table and entries exist.

This was discovered by a local syzcaller instance.

MFC after:	1 week
Event:		Aberdeen hackathon 2019
2019-04-17 16:42:54 +00:00
..
if_pflog.c
if_pfsync.c pf: Rename pfsync bucket lock 2019-03-16 10:14:03 +00:00
in4_cksum.c
pf_altq.h
pf_if.c Mechanical cleanup of epoch(9) usage in network stack. 2019-01-09 01:11:19 +00:00
pf_ioctl.c pf: Fix panic on invalid DIOCRSETTFLAGS 2019-04-17 16:42:54 +00:00
pf_lb.c
pf_mtag.h
pf_norm.c pf: IPv6 fragments with malformed extension headers could be erroneously passed by pf or cause a panic 2019-03-01 07:37:45 +00:00
pf_osfp.c
pf_ruleset.c
pf_table.c pf :Use counter(9) in pf tables. 2019-03-15 11:08:44 +00:00
pf.c Use IN_foo() macros from sys/netinet/in.h inplace of handcrafted code 2019-04-04 19:01:13 +00:00
pf.h