svn commit: r196201 - head/sys/netinet/ipfw
Julian Elischer
julian at FreeBSD.org
Fri Aug 14 10:09:46 UTC 2009
Author: julian
Date: Fri Aug 14 10:09:45 2009
New Revision: 196201
URL: http://svn.freebsd.org/changeset/base/196201
Log:
Fix ipfw crash on uid or gid check.
Receiving any ip packet for which there is no existing socket will
crash if ipfw has a uid or gid test rule, as the uid/gid
of the non existent owner of said non existent socket is tested.
Brooks introduced this error as part of his >16 gids patch.
It appears to be a cut-n-paste error from similar code a few lines
before. The old code used the 'pcb' variable here, but in the
new code that switched the 'inp' variable, which is often NULL
and what is tested in the code further up. The rest of the multi-gid
patch for ipfw seems solid (and cleaner than previous code).
Reviewed by: brooks
Approved by: re (rwatson)
Modified:
head/sys/netinet/ipfw/ip_fw2.c
Modified: head/sys/netinet/ipfw/ip_fw2.c
==============================================================================
--- head/sys/netinet/ipfw/ip_fw2.c Thu Aug 13 23:18:45 2009 (r196200)
+++ head/sys/netinet/ipfw/ip_fw2.c Fri Aug 14 10:09:45 2009 (r196201)
@@ -2057,7 +2057,7 @@ check_uidgid(ipfw_insn_u32 *insn, int pr
dst_ip, htons(dst_port),
wildcard, NULL);
if (pcb != NULL) {
- *uc = crhold(inp->inp_cred);
+ *uc = crhold(pcb->inp_cred);
*ugid_lookupp = 1;
}
INP_INFO_RUNLOCK(pi);
More information about the svn-src-head
mailing list