[Bug 207463] [patch] stable/10/sys/netpfil/pf/pf_ioctl.c:pfioctl(DIOCRSETADDRS) buffer overflow
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Feb 25 01:08:14 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207463
--- Comment #2 from Paul J Murphy <paul at inetstat.net> ---
Yes, you are correct. My patch was sufficient only for the default usage by
/sbin/pfctl, but left scope for other usage to cause problems. I've looked
over your patch, and it looks good to me. The existing buffer protection code
in pfr_set_addrs() also looks like it will handle a smaller size2 cleanly. I
have just updated my releng/10.2 system to stable/10's sys/netpfil/pf and
sbin/pfctl, with your patch applied to it, and it seems to both pass a quick
and basic functionality test, and fix bug #192677 (it is now successfully
replacing a pf table with over 130,000 addrs, where 10.2-p12 fails for anything
over around 65,000).
Thanks.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-stable
mailing list