diff options
author | melifaro <melifaro@FreeBSD.org> | 2013-04-01 11:28:52 +0000 |
---|---|---|
committer | melifaro <melifaro@FreeBSD.org> | 2013-04-01 11:28:52 +0000 |
commit | bbeb8a5ba24854200f7dc281c96e05b1524f9cf8 (patch) | |
tree | 4bcdee108e72e43b38bf5363f16e7421b999c9b5 /sys/netpfil | |
parent | 060b76c80320d06783ff631ada0fc18b70dcab91 (diff) | |
download | FreeBSD-src-bbeb8a5ba24854200f7dc281c96e05b1524f9cf8.zip FreeBSD-src-bbeb8a5ba24854200f7dc281c96e05b1524f9cf8.tar.gz |
Fix ipfw rule validation partially broken by r248552.
Pointed by: avg
MFC with: r248552
Diffstat (limited to 'sys/netpfil')
-rw-r--r-- | sys/netpfil/ipfw/ip_fw_sockopt.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/sys/netpfil/ipfw/ip_fw_sockopt.c b/sys/netpfil/ipfw/ip_fw_sockopt.c index 8008bcd..64f09a5 100644 --- a/sys/netpfil/ipfw/ip_fw_sockopt.c +++ b/sys/netpfil/ipfw/ip_fw_sockopt.c @@ -672,10 +672,6 @@ check_ipfw_struct(struct ip_fw *rule, int size) case O_IPID: case O_IPTTL: case O_IPLEN: - case O_DSCP: - if (cmdlen != F_INSN_SIZE(ipfw_insn_u32) + 1) - goto bad_size; - break; case O_TCPDATALEN: case O_TCPWIN: case O_TAGGED: @@ -683,6 +679,11 @@ check_ipfw_struct(struct ip_fw *rule, int size) goto bad_size; break; + case O_DSCP: + if (cmdlen != F_INSN_SIZE(ipfw_insn_u32) + 1) + goto bad_size; + break; + case O_MAC_TYPE: case O_IP_SRCPORT: case O_IP_DSTPORT: /* XXX artificial limit, 30 port pairs */ |