mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-15 10:17:20 +00:00
Properly initialize args structure before passing it to ipfw_chk(): having
uninitialized args.inp is unhealthy for uid/gid/jail ipfw rules. PR: kern/92589 Approved by: glebius (mentor) MFC after: 1 week
This commit is contained in:
parent
37f84a6018
commit
3ecf1851df
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=155268
@ -2647,6 +2647,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
|
||||
args.oif = ifp;
|
||||
args.next_hop = NULL;
|
||||
args.eh = &eh2;
|
||||
args.inp = NULL; /* used by ipfw uid/gid/jail rules */
|
||||
i = ip_fw_chk_ptr(&args);
|
||||
*mp = args.m;
|
||||
|
||||
|
@ -426,6 +426,7 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
|
||||
args.rule = *rule; /* matching rule to restart */
|
||||
args.next_hop = NULL; /* we do not support forward yet */
|
||||
args.eh = &save_eh; /* MAC header for bridged/MAC packets */
|
||||
args.inp = NULL; /* used by ipfw uid/gid/jail rules */
|
||||
i = ip_fw_chk_ptr(&args);
|
||||
m = args.m;
|
||||
if (m != NULL) {
|
||||
|
Loading…
Reference in New Issue
Block a user