summaryrefslogtreecommitdiffstats
path: root/sys/netinet
diff options
context:
space:
mode:
authormaxim <maxim@FreeBSD.org>2010-08-30 09:29:51 +0000
committermaxim <maxim@FreeBSD.org>2010-08-30 09:29:51 +0000
commit5420fffab06a31d95f5b6ffd70f397140ad1748c (patch)
tree7d60ceccdad4defc6b21fb7b884feced0e6e8738 /sys/netinet
parent222b8f3d0e3408378a451bf3fe1e58d7955cd0d0 (diff)
downloadFreeBSD-src-5420fffab06a31d95f5b6ffd70f397140ad1748c.zip
FreeBSD-src-5420fffab06a31d95f5b6ffd70f397140ad1748c.tar.gz
o Some programs could send broadcast/multicast traffic to ipfw
pseudo-interface. This leads to a panic due to uninitialized if_broadcastaddr address. Initialize it and implement ip_output() method to prevent mbuf leak later. ipfw pseudo-interface should never send anything therefore call panic(9) in if_start() method. PR: kern/149807 Submitted by: Dmitrij Tejblum MFC after: 2 weeks
Diffstat (limited to 'sys/netinet')
-rw-r--r--sys/netinet/ipfw/ip_fw_log.c23
1 files changed, 21 insertions, 2 deletions
diff --git a/sys/netinet/ipfw/ip_fw_log.c b/sys/netinet/ipfw/ip_fw_log.c
index 2995f2c..3560e13 100644
--- a/sys/netinet/ipfw/ip_fw_log.c
+++ b/sys/netinet/ipfw/ip_fw_log.c
@@ -103,6 +103,24 @@ log_dummy(struct ifnet *ifp, u_long cmd, caddr_t addr)
return EINVAL;
}
+static int
+ipfw_log_output(struct ifnet *ifp, struct mbuf *m,
+ struct sockaddr *dst, struct route *ro)
+{
+ if (m != NULL)
+ m_freem(m);
+ return EINVAL;
+}
+
+static void
+ipfw_log_start(struct ifnet* ifp)
+{
+ panic("ipfw_log_start() must not be called");
+}
+
+static const u_char ipfwbroadcastaddr[6] =
+ { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+
void
ipfw_log_bpf(int onoff)
{
@@ -119,11 +137,12 @@ ipfw_log_bpf(int onoff)
ifp->if_flags = IFF_UP | IFF_SIMPLEX | IFF_MULTICAST;
ifp->if_init = (void *)log_dummy;
ifp->if_ioctl = log_dummy;
- ifp->if_start = (void *)log_dummy;
- ifp->if_output = (void *)log_dummy;
+ ifp->if_start = ipfw_log_start;
+ ifp->if_output = ipfw_log_output;
ifp->if_addrlen = 6;
ifp->if_hdrlen = 14;
if_attach(ifp);
+ ifp->if_broadcastaddr = ipfwbroadcastaddr;
ifp->if_baudrate = IF_Mbps(10);
bpfattach(ifp, DLT_EN10MB, 14);
log_if = ifp;
OpenPOWER on IntegriCloud