diff options
author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2019-02-18 13:11:45 +0000 |
---|---|---|
committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2019-02-18 13:11:45 +0000 |
commit | eb2ef85dc6e63b8f2819256c12559a69f528fea5 (patch) | |
tree | 5f196c9d5605c9c7afa23f1437f30f650d3a57cb /sys | |
parent | 1c77d48cef6cfdd244d5009e27be22dbb488b2b9 (diff) |
Change ps_len of struct pfioc_states and psn_len of struct
pfioc_src_nodes to size_t. This avoids integer truncation by casts
to unsigned. As the types of DIOCGETSTATES and DIOCGETSRCNODES
ioctl(2) arguments change, pfctl(8) and systat(1) should be updated
together with the kernel. Calculate number of pf(4) states as
size_t in userland.
OK sashan@ deraadt@
Diffstat (limited to 'sys')
-rw-r--r-- | sys/net/pf_ioctl.c | 8 | ||||
-rw-r--r-- | sys/net/pfvar.h | 6 |
2 files changed, 7 insertions, 7 deletions
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index 5220cd02ed0..633df3d99b9 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.342 2018/12/27 16:54:01 kn Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.343 2019/02/18 13:11:44 bluhm Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1732,7 +1732,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) state = TAILQ_FIRST(&state_list); while (state) { if (state->timeout != PFTM_UNLINKED) { - if ((nr+1) * sizeof(*p) > (unsigned)ps->ps_len) + if ((nr+1) * sizeof(*p) > ps->ps_len) break; pf_state_export(pstore, state); error = copyout(pstore, p, sizeof(*p)); @@ -2545,7 +2545,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) struct pfioc_src_nodes *psn = (struct pfioc_src_nodes *)addr; struct pf_src_node *n, *p, *pstore; u_int32_t nr = 0; - int space = psn->psn_len; + size_t space = psn->psn_len; PF_LOCK(); if (space == 0) { @@ -2562,7 +2562,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) RB_FOREACH(n, pf_src_tree, &tree_src_tracking) { int secs = time_uptime, diff; - if ((nr + 1) * sizeof(*p) > (unsigned)psn->psn_len) + if ((nr + 1) * sizeof(*p) > psn->psn_len) break; memcpy(pstore, n, sizeof(*pstore)); diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 67283c9463b..8f074821d28 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.489 2018/12/17 15:37:41 kn Exp $ */ +/* $OpenBSD: pfvar.h,v 1.490 2019/02/18 13:11:44 bluhm Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1496,7 +1496,7 @@ struct pfioc_state_kill { }; struct pfioc_states { - int ps_len; + size_t ps_len; union { caddr_t psu_buf; struct pfsync_state *psu_states; @@ -1506,7 +1506,7 @@ struct pfioc_states { }; struct pfioc_src_nodes { - int psn_len; + size_t psn_len; union { caddr_t psu_buf; struct pf_src_node *psu_src_nodes; |