CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	cy <cy@FreeBSD.org>
	Tue, 23 Jan 2018 04:01:48 +0000 (04:01 +0000)
committer	cy <cy@FreeBSD.org>
	Tue, 23 Jan 2018 04:01:48 +0000 (04:01 +0000)
commit	eed5146f6d321779c6dbc469b5188dafcc08c652
tree	7c320831c25b8da8a12a9cbb23cf5d2610d4a932	tree \| snapshot
parent	5bae443fd0fdbe61367e6ed85c1c3a1cb42f661c	commit \| diff

MFC r327718:

When growing the state, also grow the seed array. Otherwise memory
that was not allocated will be accessed.

This necessitated refactoring state seed allocation from
ipf_state_soft_init() into a new common ipf_state_seed_alloc() function
as it is now also used by ipf_state_rehash() when changing the size of
the state hash table in addition to by ipf_state_soft_init() during
initialization.

According to Christos Zoulas <christos@NetBSD.org>:

The bug was encountered by a NetBSD vendor who's customer machines had
large ipfilter states. The bug was reliably triggered by resizing the
state variables using "ipf -T".

Submitted by: Christos Zoulas <christos@NetBSD.org>
Reviewed by: delphij, rgrimes
Obtained from: NetBSD ip_state.c CVS revs r1.9 and r1.10
Differential Revision: https://reviews.freebsd.org/D13755