Validate IPv4 network mask being passed to ipfw kernel interface.

Incorrect mask can possibly be one of the reasons for kern/127209 existance. Approved by: kib(mentor) MFC after: 3 days
author: melifaro <melifaro@FreeBSD.org> 2012-06-09 17:39:05 +0000
committer: melifaro <melifaro@FreeBSD.org> 2012-06-09 17:39:05 +0000
commit: 76ab178d5a7c5c31da9fe74db1de8b9a649188f3 (patch)
tree: e224dc69ee96a9b2d014a66da2ec04e9a627f056 /sys/netinet/ipfw
parent: 6a57329c6fbc9ff8021dbe2a16fe3366d039e85a (diff)
download: FreeBSD-src-76ab178d5a7c5c31da9fe74db1de8b9a649188f3.zip
FreeBSD-src-76ab178d5a7c5c31da9fe74db1de8b9a649188f3.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/netinet/ipfw/ip_fw_table.c b/sys/netinet/ipfw/ip_fw_table.c
index 9de5d53..5f4d350 100644
--- a/sys/netinet/ipfw/ip_fw_table.c
+++ b/sys/netinet/ipfw/ip_fw_table.c
@@ -153,6 +153,9 @@ ipfw_add_table_entry(struct ip_fw_chain *ch, uint16_t tbl, void *paddr,
 	case IPFW_TABLE_CIDR:
 		if (plen == sizeof(in_addr_t)) {
 #ifdef INET
+			/* IPv4 case */
+			if (mlen > 32)
+				return (EINVAL);
 			ent = malloc(sizeof(*ent), M_IPFW_TBL, M_WAITOK | M_ZERO);
 			ent->value = value;
 			/* Set 'total' structure length */
author	melifaro <melifaro@FreeBSD.org>	2012-06-09 17:39:05 +0000
committer	melifaro <melifaro@FreeBSD.org>	2012-06-09 17:39:05 +0000
commit	76ab178d5a7c5c31da9fe74db1de8b9a649188f3 (patch)
tree	e224dc69ee96a9b2d014a66da2ec04e9a627f056 /sys/netinet/ipfw
parent	6a57329c6fbc9ff8021dbe2a16fe3366d039e85a (diff)
download	FreeBSD-src-76ab178d5a7c5c31da9fe74db1de8b9a649188f3.zip FreeBSD-src-76ab178d5a7c5c31da9fe74db1de8b9a649188f3.tar.gz