git: 6ee3e376823f - main - pf: fix incorrect anchor_call to userspace
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 28 May 2024 20:31:26 UTC
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=6ee3e376823fc16b04ab45663661f27246e7b004 commit 6ee3e376823fc16b04ab45663661f27246e7b004 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2024-05-24 11:20:12 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2024-05-28 20:27:22 +0000 pf: fix incorrect anchor_call to userspace 777a4702c changed how we copy out the anchor_call string, and incorrectly limited it to 8 (4 on 32-bit systems) bytes. Fix that so we get the full anchor path, rather than just the first few characters. PR: 279225 Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/net/pfvar.h | 2 +- sys/netpfil/pf/pf_nl.c | 2 +- sys/netpfil/pf/pf_ruleset.c | 14 +++++++------- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 88fb99ead84e..d1aa57a941cc 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -2474,7 +2474,7 @@ void pf_init_keth(struct pf_keth_ruleset *); int pf_kanchor_setup(struct pf_krule *, const struct pf_kruleset *, const char *); int pf_kanchor_copyout(const struct pf_kruleset *, - const struct pf_krule *, char *); + const struct pf_krule *, char *, size_t); int pf_kanchor_nvcopyout(const struct pf_kruleset *, const struct pf_krule *, nvlist_t *); void pf_kanchor_remove(struct pf_krule *); diff --git a/sys/netpfil/pf/pf_nl.c b/sys/netpfil/pf/pf_nl.c index 307e1ca1689d..8f0349d6f121 100644 --- a/sys/netpfil/pf/pf_nl.c +++ b/sys/netpfil/pf/pf_nl.c @@ -982,7 +982,7 @@ pf_handle_getrule(struct nlmsghdr *hdr, struct nl_pstate *npt) nlattr_add_u64(nw, PF_RT_STATES_TOTAL, counter_u64_fetch(rule->states_tot)); nlattr_add_u64(nw, PF_RT_SRC_NODES, counter_u64_fetch(rule->src_nodes)); - error = pf_kanchor_copyout(ruleset, rule, anchor_call); + error = pf_kanchor_copyout(ruleset, rule, anchor_call, sizeof(anchor_call)); MPASS(error == 0); nlattr_add_string(nw, PF_RT_ANCHOR_CALL, anchor_call); diff --git a/sys/netpfil/pf/pf_ruleset.c b/sys/netpfil/pf/pf_ruleset.c index 38cc1eae419f..fc0651f8a0e8 100644 --- a/sys/netpfil/pf/pf_ruleset.c +++ b/sys/netpfil/pf/pf_ruleset.c @@ -368,16 +368,16 @@ pf_kanchor_setup(struct pf_krule *r, const struct pf_kruleset *s, int pf_kanchor_copyout(const struct pf_kruleset *rs, const struct pf_krule *r, - char *anchor_call) + char *anchor_call, size_t anchor_call_len) { anchor_call[0] = 0; if (r->anchor == NULL) goto done; if (!r->anchor_relative) { - strlcpy(anchor_call, "/", sizeof(anchor_call)); + strlcpy(anchor_call, "/", anchor_call_len); strlcat(anchor_call, r->anchor->path, - sizeof(anchor_call)); + anchor_call_len); } else { char a[MAXPATHLEN]; char *p; @@ -391,7 +391,7 @@ pf_kanchor_copyout(const struct pf_kruleset *rs, const struct pf_krule *r, p = a; *p = 0; strlcat(anchor_call, "../", - sizeof(anchor_call)); + anchor_call_len); } if (strncmp(a, r->anchor->path, strlen(a))) { printf("pf_anchor_copyout: '%s' '%s'\n", a, @@ -400,12 +400,12 @@ pf_kanchor_copyout(const struct pf_kruleset *rs, const struct pf_krule *r, } if (strlen(r->anchor->path) > strlen(a)) strlcat(anchor_call, r->anchor->path + (a[0] ? - strlen(a) + 1 : 0), sizeof(anchor_call)); + strlen(a) + 1 : 0), anchor_call_len); } if (r->anchor_wildcard) strlcat(anchor_call, anchor_call[0] ? "/*" : "*", - sizeof(anchor_call)); + anchor_call_len); done: @@ -419,7 +419,7 @@ pf_kanchor_nvcopyout(const struct pf_kruleset *rs, const struct pf_krule *r, char anchor_call[MAXPATHLEN] = { 0 }; int ret; - ret = pf_kanchor_copyout(rs, r, anchor_call); + ret = pf_kanchor_copyout(rs, r, anchor_call, sizeof(anchor_call)); MPASS(ret == 0); nvlist_add_string(nvl, "anchor_call", anchor_call);