summaryrefslogtreecommitdiffstats
path: root/sys
diff options
context:
space:
mode:
authoroleg <oleg@FreeBSD.org>2006-02-03 23:03:07 +0000
committeroleg <oleg@FreeBSD.org>2006-02-03 23:03:07 +0000
commita73eff40d08c8a48e221719f18c0cc280f546a03 (patch)
treed343251868a29cd84a933fbbf878b7c53aaab972 /sys
parent2b85b6db3b8673dd6cd28274f2225f147ce3ab52 (diff)
downloadFreeBSD-src-a73eff40d08c8a48e221719f18c0cc280f546a03.zip
FreeBSD-src-a73eff40d08c8a48e221719f18c0cc280f546a03.tar.gz
Properly initialize args structure before passing it to ipfw_chk(): having
uninitialized args.inp is unhealthy for uid/gid/jail ipfw rules. PR: kern/92589 Approved by: glebius (mentor) MFC after: 1 week
Diffstat (limited to 'sys')
-rw-r--r--sys/net/if_bridge.c1
-rw-r--r--sys/net/if_ethersubr.c1
2 files changed, 2 insertions, 0 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c
index 6be9ab6..fb7c2b9 100644
--- a/sys/net/if_bridge.c
+++ b/sys/net/if_bridge.c
@@ -2647,6 +2647,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
args.oif = ifp;
args.next_hop = NULL;
args.eh = &eh2;
+ args.inp = NULL; /* used by ipfw uid/gid/jail rules */
i = ip_fw_chk_ptr(&args);
*mp = args.m;
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index 4f9d119..ed0f270 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -426,6 +426,7 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
args.rule = *rule; /* matching rule to restart */
args.next_hop = NULL; /* we do not support forward yet */
args.eh = &save_eh; /* MAC header for bridged/MAC packets */
+ args.inp = NULL; /* used by ipfw uid/gid/jail rules */
i = ip_fw_chk_ptr(&args);
m = args.m;
if (m != NULL) {
OpenPOWER on IntegriCloud