Page MenuHomeFreeBSD
Differential D24538

pf: Improve DIOCADDRULE validation
ClosedPublic
Actions

Authored by kp on Apr 22 2020, 7:11 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Oct 14, 8:21 PM
Unknown Object (File)
Mon, Oct 13, 2:48 AM
Unknown Object (File)
Sun, Oct 12, 3:20 PM
Unknown Object (File)
Sun, Oct 12, 12:25 PM
Unknown Object (File)
Sun, Oct 12, 9:11 AM
Unknown Object (File)
Sun, Oct 12, 9:11 AM
Unknown Object (File)
Sat, Oct 11, 1:05 AM
Unknown Object (File)
Thu, Sep 25, 10:23 PM
View All 77 Files
Subscribers
farrokhi
imp
melifaro

Details

Reviewers
melifaro
Group Reviewers
network
Commits
rS360609: pf: Improve DIOCADDRULE validation
Summary

We expect the addrwrap.p.dyn value to be set to NULL (and assert such),
but do not verify it on input.

Reported-by: syzbot+936a89182e7d8f927de1@syzkaller.appspotmail.com

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kp created this revision.Apr 22 2020, 7:11 PM
Herald added subscribers: melifaro, farrokhi. · View Herald TranscriptApr 22 2020, 7:11 PM
Harbormaster completed remote builds in B30669: Diff 70888.Apr 22 2020, 7:11 PM
melifaro accepted this revision as: melifaro.Apr 29 2020, 7:12 PM

LGTM, please see some comments inline.

sys/netpfil/pf/pf_ioctl.c
1573 ↗(On Diff #70888)

Maybe it's worth considering doing input validation before WLOCK/etc ?

1605 ↗(On Diff #70888)

Nit: worth documenting why we don't want dyn to be set by userland?

This revision is now accepted and ready to land.Apr 29 2020, 7:12 PM
kp updated this revision to Diff 71238.May 1 2020, 12:54 PM

Move the check outside of the lock.

This revision now requires review to proceed.May 1 2020, 12:54 PM
Harbormaster completed remote builds in B30840: Diff 71238.May 1 2020, 12:54 PM
This revision was not accepted when it landed; it landed in state Needs Review.May 3 2020, 4:09 PM
Closed by commit rS360609: pf: Improve DIOCADDRULE validation (authored by kp). · Explain Why
This revision was automatically updated to reflect the committed changes.
kp added a commit: rS360609: pf: Improve DIOCADDRULE validation.
Herald added a subscriber: imp. · View Herald TranscriptMay 3 2020, 4:09 PM

Revision Contents
Changeset List

PathSize
head/
sys/
netpfil/
pf/
5 lines

Diff 71336

View Options

head/sys/netpfil/pf/pf_ioctl.c

Loading...