git: 2b1eb63fc9c6 - main - libpfctl: be more tolerant of kernel extensions
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 31 Oct 2023 15:03:38 UTC
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=2b1eb63fc9c6d6f64baaac59b7ea7c2a3228c03f commit 2b1eb63fc9c6d6f64baaac59b7ea7c2a3228c03f Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2023-10-27 12:13:57 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2023-10-31 15:03:22 +0000 libpfctl: be more tolerant of kernel extensions Allow the kernel to supply more array elements than expected, but cut off when we hit what we think the maximum is. This will improve forward compatibility (i.e. old userspace with newer kernel). Reviewed by: zlei MFC after: 1 week Sponsored by: Orange Business Services Differential Revision: https://reviews.freebsd.org/D42392 --- lib/libpfctl/libpfctl.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c index 1c8873dd6429..1554b81acf59 100644 --- a/lib/libpfctl/libpfctl.c +++ b/lib/libpfctl/libpfctl.c @@ -152,9 +152,8 @@ pf_nvuint_32_array(const nvlist_t *nvl, const char *name, size_t maxelems, size_t elems; tmp = nvlist_get_number_array(nvl, name, &elems); - assert(elems <= maxelems); - for (size_t i = 0; i < elems; i++) + for (size_t i = 0; i < elems && i < maxelems; i++) numbers[i] = tmp[i]; if (nelems)