[Bug 207463] [patch] stable/10/sys/netpfil/pf/pf_ioctl.c:pfioctl(DIOCRSETADDRS) buffer overflow

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Thu Feb 25 01:08:14 UTC 2016


--- Comment #2 from Paul J Murphy <paul at inetstat.net> ---
Yes, you are correct.  My patch was sufficient only for the default usage by
/sbin/pfctl, but left scope for other usage to cause problems.  I've looked
over your patch, and it looks good to me.  The existing buffer protection code
in pfr_set_addrs() also looks like it will handle a smaller size2 cleanly.  I
have just updated my releng/10.2 system to stable/10's sys/netpfil/pf and
sbin/pfctl, with your patch applied to it, and it seems to both pass a quick
and basic functionality test, and fix bug #192677 (it is now successfully
replacing a pf table with over 130,000 addrs, where 10.2-p12 fails for anything
over around 65,000).


You are receiving this mail because:
You are on the CC list for the bug.

More information about the freebsd-stable mailing list