diff options
author | oleg <oleg@FreeBSD.org> | 2006-02-03 23:03:07 +0000 |
---|---|---|
committer | oleg <oleg@FreeBSD.org> | 2006-02-03 23:03:07 +0000 |
commit | a73eff40d08c8a48e221719f18c0cc280f546a03 (patch) | |
tree | d343251868a29cd84a933fbbf878b7c53aaab972 | |
parent | 2b85b6db3b8673dd6cd28274f2225f147ce3ab52 (diff) | |
download | FreeBSD-src-a73eff40d08c8a48e221719f18c0cc280f546a03.zip FreeBSD-src-a73eff40d08c8a48e221719f18c0cc280f546a03.tar.gz |
Properly initialize args structure before passing it to ipfw_chk(): having
uninitialized args.inp is unhealthy for uid/gid/jail ipfw rules.
PR: kern/92589
Approved by: glebius (mentor)
MFC after: 1 week
-rw-r--r-- | sys/net/if_bridge.c | 1 | ||||
-rw-r--r-- | sys/net/if_ethersubr.c | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index 6be9ab6..fb7c2b9 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -2647,6 +2647,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) args.oif = ifp; args.next_hop = NULL; args.eh = &eh2; + args.inp = NULL; /* used by ipfw uid/gid/jail rules */ i = ip_fw_chk_ptr(&args); *mp = args.m; diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c index 4f9d119..ed0f270 100644 --- a/sys/net/if_ethersubr.c +++ b/sys/net/if_ethersubr.c @@ -426,6 +426,7 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, args.rule = *rule; /* matching rule to restart */ args.next_hop = NULL; /* we do not support forward yet */ args.eh = &save_eh; /* MAC header for bridged/MAC packets */ + args.inp = NULL; /* used by ipfw uid/gid/jail rules */ i = ip_fw_chk_ptr(&args); m = args.m; if (m != NULL) { |