diff options
| author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2007-06-26 14:44:13 +0000 |
|---|---|---|
| committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2007-06-26 14:44:13 +0000 |
| commit | 3a7ae2460aad0149c24f3614fccab4bf452a7912 (patch) | |
| tree | 7343cd5928fb4fdc786d138f4f10ab293bfe70be /sys | |
| parent | 7f22278173d4417b7e8890f6e410a525a2dcfaee (diff) | |
Fix a race condition during ruleset reload; make sure we don't walk off
the end of the array of rule pointers when attaching a pfsync'd state
to a rule. Reported in PR5508 by mayer@netlab.nec.de.
ok henning@
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/if_pfsync.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index 0922153b6be..da42c20a689 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.82 2007/06/25 13:57:18 henning Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.83 2007/06/26 14:44:12 mcbride Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -243,7 +243,9 @@ pfsync_insert_net_state(struct pfsync_state *sp, u_int8_t chksum_flag) * If the ruleset checksums match, it's safe to associate the state * with the rule of that number. */ - if (sp->rule != htonl(-1) && sp->anchor == htonl(-1) && chksum_flag) + if (sp->rule != htonl(-1) && sp->anchor == htonl(-1) && chksum_flag && + ntohl(sp->rule) < + pf_main_ruleset.rules[PF_RULESET_FILTER].active.rcount) r = pf_main_ruleset.rules[ PF_RULESET_FILTER].active.ptr_array[ntohl(sp->rule)]; else |