git: 15760e084c6a - stable/12 - pfctl: Call ifa_load() before ifa_grouplookup()

[Kristof Provost]

The branch stable/12 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=15760e084c6a4bcc4d135e4a4e1204b35f72c062

commit 15760e084c6a4bcc4d135e4a4e1204b35f72c062
Author:     Kristof Provost <kp at FreeBSD.org>
AuthorDate: 2020-04-19 15:37:13 +0000
Commit:     Kristof Provost <kp at FreeBSD.org>
CommitDate: 2021-01-14 13:04:22 +0000

    pfctl: Call ifa_load() before ifa_grouplookup()
    
    ifa_grouplookup() uses the data loaded in ifa_load() (through is_a_group()), so
    we must call ifa_load() before we can rely on any of the data it populates.
    
    Submitted by:   Nick Rogers
    MFC after:      1 week
    Sponsored by:   RG Nets
    
    (cherry picked from commit 8fd675d8a0538544a85483f7a9bed2bd48382926)
---
 sbin/pfctl/pfctl_parser.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index 120178c50087..2efb97285798 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -1456,15 +1456,16 @@ ifa_lookup(char *ifa_name, int flags)
 	int			 got4 = 0, got6 = 0;
 	const char		 *last_if = NULL;
 
+	/* first load iftab and isgroup_map */
+	if (iftab == NULL)
+		ifa_load();
+
 	if ((h = ifa_grouplookup(ifa_name, flags)) != NULL)
 		return (h);
 
 	if (!strncmp(ifa_name, "self", IFNAMSIZ))
 		ifa_name = NULL;
 
-	if (iftab == NULL)
-		ifa_load();
-
 	for (p = iftab; p; p = p->next) {
 		if (ifa_skip_if(ifa_name, p))
 			continue;