diff options
author | Roman Kurakin <rik@FreeBSD.org> | 2008-09-21 21:46:56 +0000 |
---|---|---|
committer | Roman Kurakin <rik@FreeBSD.org> | 2008-09-21 21:46:56 +0000 |
commit | eba1dd2124fa2c06c7ad100d2ac2a3a8786f9c9d (patch) | |
tree | d537f2e39d2bac11b852cbe212119e07ab2d8df9 /sbin | |
parent | f7b5554eb73df9b9fc82cffb3c8fe2eed5c793f2 (diff) | |
download | src-eba1dd2124fa2c06c7ad100d2ac2a3a8786f9c9d.tar.gz src-eba1dd2124fa2c06c7ad100d2ac2a3a8786f9c9d.zip |
Add the check of the table number.
Notes
Notes:
svn path=/head/; revision=183241
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ipfw/ipfw2.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/sbin/ipfw/ipfw2.c b/sbin/ipfw/ipfw2.c index 0a62631a5a24..e69313503708 100644 --- a/sbin/ipfw/ipfw2.c +++ b/sbin/ipfw/ipfw2.c @@ -5870,7 +5870,21 @@ table_handler(int ac, char *av[]) { ipfw_table_entry ent; int do_add; + size_t len; char *p; + uint32_t tables_max; + + len = sizeof(a); + if (sysctlbyname("net.inet.ip.fw.tables_max", &tables_max, &len, + NULL, 0) == -1) { +#ifdef IPFW_TABLES_MAX + warn("Warn: Failed to get the max tables number via sysctl. " + "Using the compiled in defaults. \nThe reason was"); + tables_max = IPFW_TABLES_MAX; +#else + errx(1, "Failed sysctlbyname(\"net.inet.ip.fw.tables_max\")"); +#endif + } ac--; av++; if (ac && isdigit(**av)) { @@ -5878,6 +5892,9 @@ table_handler(int ac, char *av[]) ac--; av++; } else errx(EX_USAGE, "table number required"); + if (ent.tbl >= tables_max) + errx(EX_USAGE, "The table number exceeds the maximum allowed " + "value (%d)", tables_max - 1); NEED1("table needs command"); if (_substrcmp(*av, "add") == 0 || _substrcmp(*av, "delete") == 0) { |