git: 35a83d58bdbe - stable/13 - pfctl: fix crash on "pfctl -a '*' -vvsr"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 21 Apr 2025 21:15:47 UTC
The branch stable/13 has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=35a83d58bdbeae4e823710924a7e64fa00e64547
commit 35a83d58bdbeae4e823710924a7e64fa00e64547
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2025-04-14 16:41:00 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2025-04-21 21:14:17 +0000
pfctl: fix crash on "pfctl -a '*' -vvsr"
When printing a nat anchor we don't have rule information, or rule
counters. Do not attempt to print them. The information is nonsensical
anyway, and this can cause a crash converting the timestamp to a string,
as years in the very distant future use more digits, and we exceed the
30 byte buffer allocated for this.
MFC after: 2 weeks
Sponsored by: Orange Business Services
(cherry picked from commit 168d873ae41fd8bd40555322a79c9f215cb4cb9c)
---
sbin/pfctl/pfctl.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index b7d5bf9f2819..e285bc466bc3 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -1274,7 +1274,6 @@ pfctl_show_nat(int dev, const char *path, int opts, char *anchorname, int depth,
}
mnr = prs.nr;
- pfctl_print_rule_counters(&rule, opts);
for (nr = 0; nr < mnr; ++nr) {
prs.nr = nr;
if (ioctl(dev, DIOCGETRULESET, &prs))