diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2005-05-23 20:47:03 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2005-05-23 20:47:03 +0000 |
| commit | e83afbbd53aaddd2c6129d17f61ae230ee9f36a1 (patch) | |
| tree | dd0ac9221167d99ab4a0835c28d57762087e49f9 /sys/net/pf_table.c | |
| parent | 33fb629c21c3cc2a4a3c61865206cdbf3ec102d5 (diff) | |
don't deny access to "special" tables in get_addrs
with this, when you know their name you can list their contents with pfctl
ok ryan
Diffstat (limited to 'sys/net/pf_table.c')
| -rw-r--r-- | sys/net/pf_table.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/sys/net/pf_table.c b/sys/net/pf_table.c index 621809a3b0e..f456dc9e1c4 100644 --- a/sys/net/pf_table.c +++ b/sys/net/pf_table.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_table.c,v 1.62 2004/12/07 18:02:04 mcbride Exp $ */ +/* $OpenBSD: pf_table.c,v 1.63 2005/05/23 20:47:02 henning Exp $ */ /* * Copyright (c) 2002 Cedric Berger @@ -560,11 +560,10 @@ pfr_get_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int *size, struct pfr_walktree w; int rv; - ACCEPT_FLAGS(0); if (pfr_validate_table(tbl, 0, 0)) return (EINVAL); kt = pfr_lookup_table(tbl); - if (kt == NULL || !(kt->pfrkt_flags & PFR_TFLAG_ACTIVE)) + if (kt == NULL) return (ESRCH); if (kt->pfrkt_cnt > *size) { *size = kt->pfrkt_cnt; |