diff options
author | Henning Brauer <henning@cvs.openbsd.org> | 2004-02-03 19:29:51 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2004-02-03 19:29:51 +0000 |
commit | 03da1de98b14f9d54e5227b966599e0ad30b053f (patch) | |
tree | 9a320154428193f1c0d082beb400e24ea3bff9b6 /sbin/pfctl | |
parent | 1af6e56a36ae947410dc615116a1e8de6434b001 (diff) |
fix PR 3664 / jared r r spiegel
we need to save the unexpanded tag/tagged strings before entering the
expansion loop, and at each loop, start with the unexpanded tag, so that
on subsequent loops the macros are replaced with current values and not
the values from previous loop persist
ryan theo ok
Diffstat (limited to 'sbin/pfctl')
-rw-r--r-- | sbin/pfctl/parse.y | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index f5590f3fb52..ceb3e7e837c 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.436 2004/01/05 22:04:24 henning Exp $ */ +/* $OpenBSD: parse.y,v 1.437 2004/02/03 19:29:50 henning Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -3948,12 +3948,19 @@ expand_rule(struct pf_rule *r, int added = 0, error = 0; char ifname[IF_NAMESIZE]; char label[PF_RULE_LABEL_SIZE]; + char tagname[PF_TAG_NAME_SIZE]; + char match_tagname[PF_TAG_NAME_SIZE]; struct pf_pooladdr *pa; struct node_host *h; u_int8_t flags, flagset; if (strlcpy(label, r->label, sizeof(label)) >= sizeof(label)) errx(1, "expand_rule: strlcpy"); + if (strlcpy(tagname, r->tagname, sizeof(tagname)) >= sizeof(tagname)) + errx(1, "expand_rule: strlcpy"); + if (strlcpy(match_tagname, r->match_tagname, sizeof(match_tagname)) >= + sizeof(match_tagname)) + errx(1, "expand_rule: strlcpy"); flags = r->flags; flagset = r->flagset; @@ -3996,6 +4003,12 @@ expand_rule(struct pf_rule *r, if (strlcpy(r->label, label, sizeof(r->label)) >= sizeof(r->label)) errx(1, "expand_rule: strlcpy"); + if (strlcpy(r->tagname, tagname, sizeof(r->tagname)) >= + sizeof(r->tagname)) + errx(1, "expand_rule: strlcpy"); + if (strlcpy(r->match_tagname, match_tagname, + sizeof(r->match_tagname)) >= sizeof(r->match_tagname)) + errx(1, "expand_rule: strlcpy"); expand_label(r->label, PF_RULE_LABEL_SIZE, r->ifname, r->af, src_host, src_port, dst_host, dst_port, proto->proto); expand_label(r->tagname, PF_TAG_NAME_SIZE, r->ifname, r->af, |