bin/56298: [patch]run ipfw2 with incomplete options will make a coredump
Kang Liu
liukang at bjpu.edu.cn
Mon Sep 1 22:20:17 PDT 2003
>Number: 56298
>Category: bin
>Synopsis: [patch]run ipfw2 with incomplete options will make a coredump
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Sep 01 22:20:15 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Kang Liu
>Release: FreeBSD 4.9-PRERELEASE i386
>Organization:
Beijing University of Technology
>Environment:
System: FreeBSD cnproxy.bjpu.edu.cn 4.9-PRERELEASE FreeBSD 4.9-PRERELEASE #33: Sun Aug 31 15:58:08 CST 2003
root at cnproxy.bjpu.edu.cn:/usr/obj/usr/src/sys/CNPROXY i386
>Description:
Running ipfw2 enable/disable with incomplete options will make a coredump with signal 10.
This problem can be reproduced on the latest 5.1current. I do not have a 4.8 running ipfw2,
but I think -stable with ipfw2 may have the same problem.
The src has been frozen for 4.9, but this problem is so serious. Can anyone test and commit it?
>How-To-Repeat:
On a latest 5.1 machine, run:
# ipfw disable (or ipfw enable)
Bus error (core dumped)
An ipfw.core would be produced.
In /var/log/messages:
date time hostname kernel: pid num (ipfw), uid 0: exited on signal 10 (core dumped)
>Fix:
I think a better way is to check "ac" instead of checking "av".
--- ipfw2.c.orig Tue Sep 2 12:54:28 2003
+++ ipfw2.c Tue Sep 2 12:54:54 2003
@@ -1643,7 +1643,7 @@
ac--;
av++;
- if (*av == NULL) {
+ if (ac == 0) {
warnx("missing keyword to enable/disable\n");
} else if (strncmp(*av, "firewall", strlen(*av)) == 0) {
sysctlbyname("net.inet.ip.fw.enable", NULL, 0,
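Review bot: the new "ac == 0" test sits directly after an unconditional "ac--", so it only catches the exact-zero case; if this branch can ever be entered with ac already 0, the count becomes -1 and control falls through to strncmp(*av, ...). Writing "if (ac <= 0)" costs nothing and closes that path. In the unchanged context line that follows, strncmp(*av, "firewall", strlen(*av)) compares zero bytes when the argument is an empty string, so an empty keyword is accepted as "firewall"; a length check before the comparison would reject it. The "\n" in the warnx() string is redundant, since warnx() appends a newline itself. The submission should also state why *av is not NULL at this point, because that is the assumption the removed test relied on.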
>Release-Note:
>Audit-Trail:
>Unformatted:
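A count-checked form of the keyword lookup the fix describes, as an added example that is not taken from the report or from ipfw2.c. The function name match_toggle, the result codes, the sample vectors and the "verbose" table entry are assumptions made here; the example also rejects an empty word, which a zero-length strncmp() would otherwise accept.

```c
#include <stdio.h>
#include <string.h>

enum { TOGGLE_MISSING = -1, TOGGLE_UNKNOWN = -2 };

/* Keyword table: "firewall" is from the report, "verbose" is a constructed entry. */
static const char *const toggle_keywords[] = { "firewall", "verbose" };
#define NKEYWORDS (sizeof(toggle_keywords) / sizeof(toggle_keywords[0]))

/* Constructed argument vectors; none is NULL-terminated, so only ac is trusted. */
static char *bare_verb[] = { "enable" };
static char *abbrev[] = { "enable", "fire" };
static char *empty_word[] = { "disable", "" };

/*
 * av[0] is the verb and ac is the number of valid entries in av.
 * Returns the index of the matched keyword, TOGGLE_MISSING when nothing
 * follows the verb, or TOGGLE_UNKNOWN when the word matches no keyword.
 */
int
match_toggle(int ac, char *const av[])
{
	size_t i, len;

	if (ac < 2)		/* bare verb or empty vector: never touch av[1] */
		return TOGGLE_MISSING;
	len = strlen(av[1]);
	if (len == 0)		/* strncmp() over 0 bytes returns 0 for any keyword */
		return TOGGLE_UNKNOWN;
	for (i = 0; i < NKEYWORDS; i++)
		if (strncmp(av[1], toggle_keywords[i], len) == 0)
			return (int)i;
	return TOGGLE_UNKNOWN;
}

int
main(void)
{
	printf("bare verb:  %d\n", match_toggle(1, bare_verb));
	printf("\"fire\":     %d\n", match_toggle(2, abbrev));
	printf("empty word: %d\n", match_toggle(2, empty_word));
	return 0;
}
```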