
Resolve ipfilter seed array size panic

Authored by cy on Jan 3 2018, 9:08 PM.



When growing the state, remember to grow the seed array, otherwise we'll end
up accessing memory we did not allocate.

Submitted by

Test Plan


Currently running on my firewall/gateway and laptop.

Diff Detail

rS FreeBSD src repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.
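
The invariant from the revision summary, as an added sketch that is not the ipfilter source or the committed diff: the bucket array and the seed array are replaced together, and the seed helper fails rather than returning predictable values. `struct state_tab`, `seed_alloc`, `state_resize`, `state_bucket` and the lookup formula are hypothetical, and `/dev/urandom` is assumed to be available.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical table (not ipfilter's structures): buckets[] and seed[]
 * are parallel arrays, both valid for indexes 0..size-1. */
struct state_tab {
    size_t size;
    void **buckets;
    uint32_t *seed;
};

/* Allocate n seeds from /dev/urandom; return NULL rather than fall back
 * to predictable values. */
uint32_t *seed_alloc(size_t n)
{
    uint32_t *s = calloc(n, sizeof(*s));
    FILE *f = s ? fopen("/dev/urandom", "rb") : NULL;
    if (f == NULL || fread(s, sizeof(*s), n, f) != n) {
        free(s);
        s = NULL;
    }
    if (f != NULL)
        fclose(f);
    return s;
}

/* Replace both arrays as one unit (entry rehashing omitted). On failure the
 * table is untouched, so size never describes an unallocated array. */
int state_resize(struct state_tab *t, size_t newsize)
{
    void **nb = newsize ? calloc(newsize, sizeof(*nb)) : NULL;
    uint32_t *ns = nb ? seed_alloc(newsize) : NULL;
    if (ns == NULL) {
        free(nb);
        return -1;
    }
    free(t->buckets);
    free(t->seed);
    t->buckets = nb;
    t->seed = ns;
    t->size = newsize;
    return 0;
}

/* Assumed lookup: seed[] is read at an index below size. */
size_t state_bucket(const struct state_tab *t, uint32_t hv)
{
    return (hv + t->seed[hv % t->size]) % t->size;
}
```
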

Event Timeline

cy created this revision. Jan 3 2018, 9:08 PM
cy added a reviewer: rgrimes. Jan 4 2018, 1:27 AM
delphij requested changes to this revision. Jan 4 2018, 4:07 AM

Please see my comment inline. Other than that random number generation, the change looks fine to me.

317 ↗(On Diff #37483)

Could you please change this to the old FreeBSD condition (#if FREEBSD_GE_REV(400000)) instead? The change as-is means in userland the seed would be predictable, which may have bad consequences.

5303 ↗(On Diff #37483)

NO ACTION REQUESTED: Just curious, how were these values chosen?

This revision now requires changes to proceed. Jan 4 2018, 4:07 AM
cy marked an inline comment as done. Jan 4 2018, 4:14 AM
cy added inline comments.
317 ↗(On Diff #37483)


The block should ultimately be removed but that's for a different revision.

cy updated this revision to Diff 37498. Jan 4 2018, 4:16 AM
cy marked an inline comment as done.
cy marked an inline comment as done.
delphij accepted this revision. Jan 4 2018, 4:38 AM

Looks good to me.

This revision is now accepted and ready to land. Jan 4 2018, 4:38 AM
rgrimes accepted this revision. Jan 4 2018, 2:01 PM

On visual inspection this looks good. I do not run pf or stateful, so I cannot do any real-world testing. Please make sure the commit message includes a comment about refactoring common code to a new function ipf_state_seed_alloc.

This revision was automatically updated to reflect the committed changes.