diff options
| author | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2003-04-07 13:44:23 +0000 |
|---|---|---|
| committer | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2003-04-07 13:44:23 +0000 |
| commit | 6a42f1ceb9d8bf1ce8c9ab58ea73bf0ae97d8b42 (patch) | |
| tree | 38ad2204258d24039bda31aa4bb67afab180c428 | |
| parent | 928a870349eeda544ca8e1c281f270058618150b (diff) | |
Catch and refuse rules with invalid ICMP types (> 40), ok cedric@
| -rw-r--r-- | sys/net/pf_ioctl.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index c8c29cf6097..79d78dd7eaf 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.55 2003/04/05 20:24:58 cedric Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.56 2003/04/07 13:44:22 dhartmei Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -55,6 +55,7 @@ #include <netinet/in_systm.h> #include <netinet/ip.h> #include <netinet/ip_var.h> +#include <netinet/ip_icmp.h> #include <net/pfvar.h> @@ -548,6 +549,10 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) error = EINVAL; break; } + if (pr->rule.return_icmp >> 8 > ICMP_MAXTYPE) { + error = EINVAL; + break; + } if (pr->ticket != ruleset->rules[rs_num].inactive.ticket) { error = EBUSY; break; @@ -778,6 +783,10 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) error = EINVAL; break; } + if (pcr->rule.return_icmp >> 8 > ICMP_MAXTYPE) { + error = EINVAL; + break; + } } if (pcr->action != PF_CHANGE_REMOVE) { |