git: 2b1eb63fc9c6 - main - libpfctl: be more tolerant of kernel extensions
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 31 Oct 2023 15:03:38 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=2b1eb63fc9c6d6f64baaac59b7ea7c2a3228c03f
commit 2b1eb63fc9c6d6f64baaac59b7ea7c2a3228c03f
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2023-10-27 12:13:57 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2023-10-31 15:03:22 +0000
libpfctl: be more tolerant of kernel extensions
Allow the kernel to supply more array elements than expected, but cut
off when we hit what we think the maximum is. This will improve forward
compatibility (i.e. old userspace with newer kernel).
Reviewed by: zlei
MFC after: 1 week
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D42392
---
lib/libpfctl/libpfctl.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c
index 1c8873dd6429..1554b81acf59 100644
--- a/lib/libpfctl/libpfctl.c
+++ b/lib/libpfctl/libpfctl.c
@@ -152,9 +152,8 @@ pf_nvuint_32_array(const nvlist_t *nvl, const char *name, size_t maxelems,
size_t elems;
tmp = nvlist_get_number_array(nvl, name, &elems);
- assert(elems <= maxelems);
- for (size_t i = 0; i < elems; i++)
+ for (size_t i = 0; i < elems && i < maxelems; i++)
numbers[i] = tmp[i];
if (nelems)