summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
authorRyan Thomas McBride <mcbride@cvs.openbsd.org>2004-04-26 02:01:48 +0000
committerRyan Thomas McBride <mcbride@cvs.openbsd.org>2004-04-26 02:01:48 +0000
commit108eb7188637786190e3fac136593036552c3802 (patch)
treeb6156e6fd2925b45bb7f600792d26222ba0a4807 /sys
parent5afa74e9f9d56e834e414944dc9abe3838889495 (diff)
The rule_number parameter for pf_get_pool() needs to be 32 bits, not 8 -
this fixes corruption of the address pools with large rulesets. This is a candidate for -stable. Reported by Zbigniew Kossowski <zk@openbsd.com.pl>, hours of braintwisting debugging by pb@
Diffstat (limited to 'sys')
-rw-r--r--sys/net/pf_ioctl.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index 3dacdf74533..bc8d3ab4650 100644
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_ioctl.c,v 1.114 2004/04/26 00:12:28 cedric Exp $ */
+/* $OpenBSD: pf_ioctl.c,v 1.115 2004/04/26 02:01:47 mcbride Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -81,7 +81,7 @@ void pfattach(int);
int pfopen(dev_t, int, int, struct proc *);
int pfclose(dev_t, int, int, struct proc *);
struct pf_pool *pf_get_pool(char *, char *, u_int32_t,
- u_int8_t, u_int8_t, u_int8_t, u_int8_t, u_int8_t);
+ u_int8_t, u_int32_t, u_int8_t, u_int8_t, u_int8_t);
int pf_get_ruleset_number(u_int8_t);
void pf_init_ruleset(struct pf_ruleset *);
struct pf_anchor *pf_find_or_create_anchor(char[PF_ANCHOR_NAME_SIZE]);
@@ -203,7 +203,7 @@ pfclose(dev_t dev, int flags, int fmt, struct proc *p)
struct pf_pool *
pf_get_pool(char *anchorname, char *rulesetname, u_int32_t ticket,
- u_int8_t rule_action, u_int8_t rule_number, u_int8_t r_last,
+ u_int8_t rule_action, u_int32_t rule_number, u_int8_t r_last,
u_int8_t active, u_int8_t check_ticket)
{
struct pf_ruleset *ruleset;