aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOleg Bulyzhin <oleg@FreeBSD.org>2006-02-03 23:03:07 +0000
committerOleg Bulyzhin <oleg@FreeBSD.org>2006-02-03 23:03:07 +0000
commit3ecf1851df366a6a3d847e1c78df5436e92c46bd (patch)
treed343251868a29cd84a933fbbf878b7c53aaab972
parent37f84a6018b6aadcad232b52ebe3bed189ea5d12 (diff)
downloadsrc-3ecf1851df366a6a3d847e1c78df5436e92c46bd.tar.gz
src-3ecf1851df366a6a3d847e1c78df5436e92c46bd.zip
Properly initialize args structure before passing it to ipfw_chk(): having
uninitialized args.inp is unhealthy for uid/gid/jail ipfw rules. PR: kern/92589 Approved by: glebius (mentor) MFC after: 1 week
Notes
Notes: svn path=/head/; revision=155268
Diffstat
-rw-r--r--sys/net/if_bridge.c1
-rw-r--r--sys/net/if_ethersubr.c1
2 files changed, 2 insertions, 0 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c
index 6be9ab628640..fb7c2b9b0d83 100644
--- a/sys/net/if_bridge.c
+++ b/sys/net/if_bridge.c
@@ -2647,6 +2647,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
args.oif = ifp;
args.next_hop = NULL;
args.eh = &eh2;
+ args.inp = NULL; /* used by ipfw uid/gid/jail rules */
i = ip_fw_chk_ptr(&args);
*mp = args.m;
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index 4f9d1192ca8d..ed0f2701d12d 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -426,6 +426,7 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
args.rule = *rule; /* matching rule to restart */
args.next_hop = NULL; /* we do not support forward yet */
args.eh = &save_eh; /* MAC header for bridged/MAC packets */
+ args.inp = NULL; /* used by ipfw uid/gid/jail rules */
i = ip_fw_chk_ptr(&args);
m = args.m;
if (m != NULL) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-21 03:57:01 +0000