diff options
| author | gnezdo <gnezdo@cvs.openbsd.org> | 2020-08-24 16:40:08 +0000 |
|---|---|---|
| committer | gnezdo <gnezdo@cvs.openbsd.org> | 2020-08-24 16:40:08 +0000 |
| commit | f61440079d12cec86d5a9c13dd68d226c0bc31f4 (patch) | |
| tree | b2b62b121dc2dcd6b0c56c65c5b027e837519866 /sys/netinet6/ip6_input.c | |
| parent | cd1847b2a394d525e11a94f340512464d068ae00 (diff) | |
Convert ip6_sysctl to sysctl_bounded_args
Tighter limits and OK by sashan
Diffstat (limited to 'sys/netinet6/ip6_input.c')
| -rw-r--r-- | sys/netinet6/ip6_input.c | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c index 146ff6a52b7..1421a433a16 100644 --- a/sys/netinet6/ip6_input.c +++ b/sys/netinet6/ip6_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip6_input.c,v 1.228 2020/08/08 07:42:31 florian Exp $ */ +/* $OpenBSD: ip6_input.c,v 1.229 2020/08/24 16:40:07 gnezdo Exp $ */ /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ /* @@ -1334,7 +1334,24 @@ const u_char inet6ctlerrmap[PRC_NCMDS] = { ENOPROTOOPT }; -int *ipv6ctl_vars[IPV6CTL_MAXID] = IPV6CTL_VARS; +const struct sysctl_bounded_args ipv6ctl_vars[] = { + { IPV6CTL_FORWARDING, &ip6_forwarding, 0, 1 }, + { IPV6CTL_SENDREDIRECTS, &ip6_sendredirects, 0, 1 }, + { IPV6CTL_DEFHLIM, &ip6_defhlim, 0, 255 }, + { IPV6CTL_MAXFRAGPACKETS, &ip6_maxfragpackets, 0, 1000 }, + { IPV6CTL_LOG_INTERVAL, &ip6_log_interval, 0, INT_MAX }, + { IPV6CTL_HDRNESTLIMIT, &ip6_hdrnestlimit, 0, 100 }, + { IPV6CTL_DAD_COUNT, &ip6_dad_count, 0, 10 }, + { IPV6CTL_AUTO_FLOWLABEL, &ip6_auto_flowlabel, 0, 1 }, + { IPV6CTL_DEFMCASTHLIM, &ip6_defmcasthlim, 0, 255 }, + { IPV6CTL_USE_DEPRECATED, &ip6_use_deprecated, 0, 1 }, + { IPV6CTL_MAXFRAGS, &ip6_maxfrags, 0, 1000 }, + { IPV6CTL_MFORWARDING, &ip6_mforwarding, 0, 1 }, + { IPV6CTL_MULTIPATH, &ip6_multipath, 0, 1 }, + { IPV6CTL_MCAST_PMTU, &ip6_mcast_pmtu, 0, 1 }, + { IPV6CTL_NEIGHBORGCTHRESH, &ip6_neighborgcthresh, -1, 5 * 2048 }, + { IPV6CTL_MAXDYNROUTES, &ip6_maxdynroutes, -1, 5 * 4096 }, +}; int ip6_sysctl_ip6stat(void *oldp, size_t *oldlenp, void *newp) @@ -1437,8 +1454,8 @@ ip6_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, return (ip6_sysctl_soiikey(oldp, oldlenp, newp, newlen)); default: NET_LOCK(); - error = sysctl_int_arr(ipv6ctl_vars, nitems(ipv6ctl_vars), name, - namelen, oldp, oldlenp, newp, newlen); + error = sysctl_bounded_arr(ipv6ctl_vars, nitems(ipv6ctl_vars), + name, namelen, oldp, oldlenp, newp, newlen); NET_UNLOCK(); return (error); } |