author | ae <ae@FreeBSD.org> | 2015-11-03 10:34:26 +0000 |
---|---|---|
committer | ae <ae@FreeBSD.org> | 2015-11-03 10:34:26 +0000 |
commit | 52522b4db04bad27116c894875e22009f2f5f026 (patch) | |
tree | 30c9df990bcc7e7dd34846c2239f6f213d3b0eaf /sys/netpfil | |
parent | f4da06a164348aa3238344233e027dd635535865 (diff) | |
Eliminate any conditional increments of object_opcodes in the
check_ipfw_rule_body() function. This function is intended to just
determine that a rule has some opcodes that can be rewritten. Then the
ref_rule_objects() function will determine the real number of rewritten
opcodes using the classify callback.
Reviewed by: melifaro
Obtained from: Yandex LLC
Sponsored by: Yandex LLC
Diffstat (limited to 'sys/netpfil')
-rw-r--r-- | sys/netpfil/ipfw/ip_fw_sockopt.c | 3 | ||||
-rw-r--r-- | sys/netpfil/ipfw/ip_fw_table.c | 9 |
2 files changed, 9 insertions, 3 deletions
diff --git a/sys/netpfil/ipfw/ip_fw_sockopt.c b/sys/netpfil/ipfw/ip_fw_sockopt.c index 6fbce0c..4ae8961 100644 --- a/sys/netpfil/ipfw/ip_fw_sockopt.c +++ b/sys/netpfil/ipfw/ip_fw_sockopt.c @@ -1605,10 +1605,9 @@ check_ipfw_rule_body(ipfw_insn *cmd, int cmd_len, struct rule_check_info *ci) case O_RECV: case O_XMIT: case O_VIA: - if (((ipfw_insn_if *)cmd)->name[0] == '\1') - ci->object_opcodes++; if (cmdlen != F_INSN_SIZE(ipfw_insn_if)) goto bad_size; + ci->object_opcodes++; break; case O_ALTQ: diff --git a/sys/netpfil/ipfw/ip_fw_table.c b/sys/netpfil/ipfw/ip_fw_table.c index 974822c..673511e 100644 --- a/sys/netpfil/ipfw/ip_fw_table.c +++ b/sys/netpfil/ipfw/ip_fw_table.c @@ -3400,6 +3400,9 @@ ref_rule_objects(struct ip_fw_chain *ch, struct ip_fw *rule, if (numnew != 0) error = create_objects_compat(ch, rule->cmd, oib, pidx, ti); + /* Calculate real number of dynamic objects */ + ci->object_opcodes = (uint16_t)(pidx - oib); + return (error); } @@ -3431,7 +3434,6 @@ ipfw_rewrite_rule_uidx(struct ip_fw_chain *chain, pidx_first = malloc(ci->object_opcodes * sizeof(struct obj_idx), M_IPFW, M_WAITOK | M_ZERO); - pidx_last = pidx_first + ci->object_opcodes; error = 0; type = 0; memset(&ti, 0, sizeof(ti)); @@ -3450,9 +3452,14 @@ ipfw_rewrite_rule_uidx(struct ip_fw_chain *chain, error = ref_rule_objects(chain, ci->krule, ci, pidx_first, &ti); if (error != 0) goto free; + /* + * Note that ref_rule_objects() might have updated ci->object_opcodes + * to reflect actual number of object opcodes. + */ /* Perform rule rewrite */ p = pidx_first; + pidx_last = pidx_first + ci->object_opcodes; for (p = pidx_first; p < pidx_last; p++) { cmd = ci->krule->cmd + p->off; update_opcode_kidx(cmd, p->kidx); |
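Review bot: In the `O_RECV`/`O_XMIT`/`O_VIA` case of check_ipfw_rule_body(), `ci->object_opcodes` stops being an exact count and nothing at the increment says so. After this change it is an upper bound covering every interface opcode, and the caller in ip_fw_table.c uses it to size the `obj_idx` array before ref_rule_objects() replaces it with the real count. A one-line comment above the increment would record that, for example `/* Upper bound only; ref_rule_objects() stores the real count */`. The switch starts and ends outside the hunk.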
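Review bot: The new assignment at the end of ref_rule_objects() narrows `pidx - oib` to `uint16_t` without first comparing it with the value `ci->object_opcodes` held on entry, which is the number of `obj_idx` slots the caller allocated for `oib`. The code that advances `pidx` is outside the hunk, so whether it is bounded cannot be seen here. If the classify callback ever matches an opcode that check_ipfw_rule_body() did not count, the array has already been written past its end, and this line then overwrites the only record of the allocated size. I would assert the invariant before overwriting the field, e.g. `KASSERT(pidx - oib <= ci->object_opcodes, ("%s: object index overflow", __func__));`, and bound the fill loop by the same limit.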
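Review bot: `pidx_last` is now assigned only after the `if (error != 0) goto free;` check in ipfw_rewrite_rule_uidx(), so it is uninitialized on the error path. The `free:` label is outside the hunk; it is worth confirming that nothing there reads `pidx_last`, because before this commit it was always set right after the malloc(). If the rewrite loop is its only user, the variable and the redundant `p = pidx_first;` statement before the loop can both go: `for (p = pidx_first; p < pidx_first + ci->object_opcodes; p++) {`.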