diff options
author | cjc <cjc@FreeBSD.org> | 2001-07-10 05:44:51 +0000 |
---|---|---|
committer | cjc <cjc@FreeBSD.org> | 2001-07-10 05:44:51 +0000 |
commit | 4596097b70af0148c360786f817b05073b8de5ce (patch) | |
tree | 47e7d8d7b3c79786d53c1889b704d7381f4026b8 /sbin | |
parent | d107d4e34abe22f4377b6e745fd6ea250d69bc38 (diff) | |
download | FreeBSD-src-4596097b70af0148c360786f817b05073b8de5ce.zip FreeBSD-src-4596097b70af0148c360786f817b05073b8de5ce.tar.gz |
Fix rule parsing breakage introduced in 1.103 cleanup. 'tcp' and
'icmp' rules could drop into infinite loops when given bad arguments.
Reviewed by: ru, des
Approved by: ru
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ipfw/ipfw.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/sbin/ipfw/ipfw.c b/sbin/ipfw/ipfw.c index 407540e..08a7576 100644 --- a/sbin/ipfw/ipfw.c +++ b/sbin/ipfw/ipfw.c @@ -2140,7 +2140,8 @@ badviacombo: rule.fw_tcpwin = htons((u_short)strtoul(*av, NULL, 0)); av++; ac--; - } + } else + break; } else if (rule.fw_prot == IPPROTO_ICMP) { if (!strncmp(*av, "icmptypes", strlen(*av))) { av++; ac--; @@ -2150,11 +2151,13 @@ badviacombo: fill_icmptypes(rule.fw_uar.fw_icmptypes, av, &rule.fw_flg); av++; ac--; - } - } else { - show_usage("unknown argument ``%s''", *av); - } + } else + break; + } else + break; } + if (ac) + show_usage("unknown argument ``%s''", *av); /* No direction specified -> do both directions */ if (!(rule.fw_flg & (IP_FW_F_OUT|IP_FW_F_IN))) |