diff options
| author | Can Erkin Acar <canacar@cvs.openbsd.org> | 2003-10-01 21:21:36 +0000 |
|---|---|---|
| committer | Can Erkin Acar <canacar@cvs.openbsd.org> | 2003-10-01 21:21:36 +0000 |
| commit | 7dd2e78850b51cb00c64ce01f7377c2273398de0 (patch) | |
| tree | 6723dd2c5a6381193f3f1be038b2a2b5a0a40978 /sys/net/if_pflog.c | |
| parent | 86115c4362593330e50c16b0ca2c180cca1aa974 (diff) | |
Fix stack leak into pfloghdr (the pad field is not initialized),
which ends up in the pflog pcap file. From dhartmei@
ok dhartmei@, frantzen@, henning@
Diffstat (limited to 'sys/net/if_pflog.c')
| -rw-r--r-- | sys/net/if_pflog.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/sys/net/if_pflog.c b/sys/net/if_pflog.c index e856f2cc965..9def6c6371a 100644 --- a/sys/net/if_pflog.c +++ b/sys/net/if_pflog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pflog.c,v 1.9 2003/05/14 08:42:00 canacar Exp $ */ +/* $OpenBSD: if_pflog.c,v 1.10 2003/10/01 21:21:35 canacar Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -184,6 +184,7 @@ pflog_packet(struct ifnet *ifp, struct mbuf *m, sa_family_t af, u_int8_t dir, if (ifp == NULL || m == NULL || rm == NULL) return (-1); + bzero(&hdr, sizeof(hdr)); hdr.length = PFLOG_REAL_HDRLEN; hdr.af = af; hdr.action = rm->action; @@ -193,13 +194,10 @@ pflog_packet(struct ifnet *ifp, struct mbuf *m, sa_family_t af, u_int8_t dir, if (am == NULL) { hdr.rulenr = htonl(rm->nr); hdr.subrulenr = -1; - bzero(hdr.ruleset, sizeof(hdr.ruleset)); } else { hdr.rulenr = htonl(am->nr); hdr.subrulenr = htonl(rm->nr); - if (ruleset == NULL) - bzero(hdr.ruleset, sizeof(hdr.ruleset)); - else + if (ruleset != NULL) memcpy(hdr.ruleset, ruleset->name, sizeof(hdr.ruleset)); |