1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-15 10:17:20 +00:00

Properly initialize args structure before passing it to ipfw_chk(): having

uninitialized args.inp is unhealthy for uid/gid/jail ipfw rules.

PR:		kern/92589
Approved by:	glebius (mentor)
MFC after:	1 week
This commit is contained in:
Oleg Bulyzhin 2006-02-03 23:03:07 +00:00
parent 37f84a6018
commit 3ecf1851df
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=155268
2 changed files with 2 additions and 0 deletions

View File

@ -2647,6 +2647,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
args.oif = ifp;
args.next_hop = NULL;
args.eh = &eh2;
args.inp = NULL; /* used by ipfw uid/gid/jail rules */
i = ip_fw_chk_ptr(&args);
*mp = args.m;

View File

@ -426,6 +426,7 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
args.rule = *rule; /* matching rule to restart */
args.next_hop = NULL; /* we do not support forward yet */
args.eh = &save_eh; /* MAC header for bridged/MAC packets */
args.inp = NULL; /* used by ipfw uid/gid/jail rules */
i = ip_fw_chk_ptr(&args);
m = args.m;
if (m != NULL) {