diff options
author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2004-04-26 02:01:48 +0000 |
---|---|---|
committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2004-04-26 02:01:48 +0000 |
commit | 108eb7188637786190e3fac136593036552c3802 (patch) | |
tree | b6156e6fd2925b45bb7f600792d26222ba0a4807 /sys | |
parent | 5afa74e9f9d56e834e414944dc9abe3838889495 (diff) |
The rule_number parameter for pf_get_pool() needs to be 32 bits, not 8 -
this fixes corruption of the address pools with large rulesets.
This is a candidate for -stable.
Reported by Zbigniew Kossowski <zk@openbsd.com.pl>, hours of braintwisting
debugging by pb@
Diffstat (limited to 'sys')
-rw-r--r-- | sys/net/pf_ioctl.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index 3dacdf74533..bc8d3ab4650 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.114 2004/04/26 00:12:28 cedric Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.115 2004/04/26 02:01:47 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -81,7 +81,7 @@ void pfattach(int); int pfopen(dev_t, int, int, struct proc *); int pfclose(dev_t, int, int, struct proc *); struct pf_pool *pf_get_pool(char *, char *, u_int32_t, - u_int8_t, u_int8_t, u_int8_t, u_int8_t, u_int8_t); + u_int8_t, u_int32_t, u_int8_t, u_int8_t, u_int8_t); int pf_get_ruleset_number(u_int8_t); void pf_init_ruleset(struct pf_ruleset *); struct pf_anchor *pf_find_or_create_anchor(char[PF_ANCHOR_NAME_SIZE]); @@ -203,7 +203,7 @@ pfclose(dev_t dev, int flags, int fmt, struct proc *p) struct pf_pool * pf_get_pool(char *anchorname, char *rulesetname, u_int32_t ticket, - u_int8_t rule_action, u_int8_t rule_number, u_int8_t r_last, + u_int8_t rule_action, u_int32_t rule_number, u_int8_t r_last, u_int8_t active, u_int8_t check_ticket) { struct pf_ruleset *ruleset; |