]> CyberLeo.Net >> Repos - FreeBSD/stable/10.git/commit
projects / FreeBSD / stable / 10.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e5038d9) | patch
MFC r332107:
authorkp <kp@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Fri, 13 Apr 2018 22:33:18 +0000 (22:33 +0000)
committerkp <kp@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Fri, 13 Apr 2018 22:33:18 +0000 (22:33 +0000)
commitbd2afb17fae97b9968eb2e1a3e9054edd11ac2ab
treea986eeb79883a23b5c7aac1efe53b93c640d3c54tree | snapshot
parente5038d9e613d29ee547428ef890b11482f988a41commit | diff
MFC r332107:

pf: Improve ioctl validation for DIOCRGETTABLES, DIOCRGETTSTATS, DIOCRCLRTSTATS and DIOCRSETTFLAGS

These ioctls can process a number of items at a time, which puts us at
risk of overflow in mallocarray() and of impossibly large allocations
even if we don't overflow.

Limit the allocation to required size (or the user allocation, if that's
smaller). That does mean we need to do the allocation with the rules
lock held (so the number doesn't change while we're doing this), so it
can't M_WAITOK.

git-svn-id: svn://svn.freebsd.org/base/stable/10@332494 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
sys/net/pfvar.h diff | blob | history
sys/netpfil/pf/pf_ioctl.c diff | blob | history
sys/netpfil/pf/pf_table.c diff | blob | history
10-STABLE