diff options
Diffstat (limited to 'sys/contrib/ipfilter/netinet/ip_fil.c')
-rw-r--r-- | sys/contrib/ipfilter/netinet/ip_fil.c | 40 |
1 files changed, 35 insertions, 5 deletions
diff --git a/sys/contrib/ipfilter/netinet/ip_fil.c b/sys/contrib/ipfilter/netinet/ip_fil.c index 9216b3c..fe6af66 100644 --- a/sys/contrib/ipfilter/netinet/ip_fil.c +++ b/sys/contrib/ipfilter/netinet/ip_fil.c @@ -7,7 +7,7 @@ */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id: ip_fil.c,v 2.42.2.9 2000/05/22 12:48:28 darrenr Exp $"; +static const char rcsid[] = "@(#)$Id: ip_fil.c,v 2.42.2.14 2000/07/18 13:57:55 darrenr Exp $"; #endif #ifndef SOLARIS @@ -692,6 +692,10 @@ caddr_t data; if (error) return EFAULT; fp->fr_ref = 0; +#if (BSD >= 199306) && defined(_KERNEL) + if ((securelevel > 0) && (fp->fr_func != NULL)) + return EPERM; +#endif /* * Check that the group number does exist and that if a head group @@ -764,7 +768,7 @@ caddr_t data; * interface pointer in the comparison (fr_next, fr_ifa). */ for (fp->fr_cksum = 0, p = (u_int *)&fp->fr_ip, pp = &fp->fr_cksum; - p != pp; p++) + p < pp; p++) fp->fr_cksum += *p; for (; (f = *ftail); ftail = &f->fr_next) @@ -1088,6 +1092,19 @@ int dst; m = NULL; ifp = fin->fin_ifp; if (fin->fin_v == 4) { + if ((oip->ip_p == IPPROTO_ICMP) && + !(fin->fin_fi.fi_fl & FI_SHORT)) + switch (ntohs(fin->fin_data[0]) >> 8) + { + case ICMP_ECHO : + case ICMP_TSTAMP : + case ICMP_IREQ : + case ICMP_MASKREQ : + break; + default : + return 0; + } + # if (BSD < 199306) || defined(__sgi) avail = MLEN; m = m_get(M_DONTWAIT, MT_HEADER); @@ -1325,10 +1342,9 @@ frdest_t *fdp; ATOMIC_INCL(frstats[1].fr_acct); } fin->fin_fr = NULL; - if (!fr || !(fr->fr_flags & FR_RETMASK)) { + if (!fr || !(fr->fr_flags & FR_RETMASK)) (void) fr_checkstate(ip, fin); - (void) ip_natout(ip, fin); - } + (void) ip_natout(ip, fin); } else ip->ip_sum = 0; /* @@ -1585,15 +1601,29 @@ int v; if (!ifneta) { ifneta = (struct ifnet **)malloc(sizeof(ifp) * 2); + if (!ifneta) + return NULL; ifneta[1] = NULL; ifneta[0] = (struct ifnet *)calloc(1, sizeof(*ifp)); + if (!ifneta[0]) { + free(ifneta); + return NULL; + } nifs = 1; } else { nifs++; ifneta = (struct ifnet **)realloc(ifneta, (nifs + 1) * sizeof(*ifa)); + if (!ifneta) { + nifs = 0; + return NULL; + } ifneta[nifs] = NULL; ifneta[nifs - 1] = (struct ifnet *)malloc(sizeof(*ifp)); + if (!ifneta[nifs - 1]) { + nifs--; + return NULL; + } } ifp = ifneta[nifs - 1]; |