diff options
author | Oleg Bulyzhin <oleg@FreeBSD.org> | 2006-02-03 23:03:07 +0000 |
---|---|---|
committer | Oleg Bulyzhin <oleg@FreeBSD.org> | 2006-02-03 23:03:07 +0000 |
commit | 3ecf1851df366a6a3d847e1c78df5436e92c46bd (patch) | |
tree | d343251868a29cd84a933fbbf878b7c53aaab972 | |
parent | 37f84a6018b6aadcad232b52ebe3bed189ea5d12 (diff) | |
download | src-3ecf1851df366a6a3d847e1c78df5436e92c46bd.tar.gz src-3ecf1851df366a6a3d847e1c78df5436e92c46bd.zip |
Properly initialize args structure before passing it to ipfw_chk(): having
uninitialized args.inp is unhealthy for uid/gid/jail ipfw rules.
PR: kern/92589
Approved by: glebius (mentor)
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=155268
-rw-r--r-- | sys/net/if_bridge.c | 1 | ||||
-rw-r--r-- | sys/net/if_ethersubr.c | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index 6be9ab628640..fb7c2b9b0d83 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -2647,6 +2647,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) args.oif = ifp; args.next_hop = NULL; args.eh = &eh2; + args.inp = NULL; /* used by ipfw uid/gid/jail rules */ i = ip_fw_chk_ptr(&args); *mp = args.m; diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c index 4f9d1192ca8d..ed0f2701d12d 100644 --- a/sys/net/if_ethersubr.c +++ b/sys/net/if_ethersubr.c @@ -426,6 +426,7 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, args.rule = *rule; /* matching rule to restart */ args.next_hop = NULL; /* we do not support forward yet */ args.eh = &save_eh; /* MAC header for bridged/MAC packets */ + args.inp = NULL; /* used by ipfw uid/gid/jail rules */ i = ip_fw_chk_ptr(&args); m = args.m; if (m != NULL) { |