pfilctl: initialize pio_nheads for PFILIOC_LISTHEADS ioctl
Needs ReviewPublic
Actions

Authored by rew on Apr 24 2022, 6:17 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Thu, Jan 8, 12:21 PM

	Unknown Object (File)
	Wed, Jan 7, 10:11 AM

	Unknown Object (File)
	Tue, Jan 6, 3:17 PM

	Unknown Object (File)
	Tue, Jan 6, 1:35 AM

	Unknown Object (File)
	Dec 29 2025, 7:25 PM

	Unknown Object (File)
	Nov 26 2025, 8:53 PM

	Unknown Object (File)
	Nov 17 2025, 5:42 AM

	Unknown Object (File)
	Nov 15 2025, 5:06 PM

View All 56 Files

Subscribers

imp

Details

Reviewers

glebius

Summary

When pfilctl hooks is called with no hooks present:

% pfilctl hooks
pfilctl: ioctl(PFILIOC_LISTHEADS): Bad address

If pio_nheads or pio_nhooks is not initialized, pfilioc_listheads()
thinks the caller wants the heads/hooks copied out. However, in this
case, the caller is only expecting the number of heads/hooks returned
and hasn't prepared the buffer that pfilioc_listheads() is trying to
copyout to, causing the bad address error.

Looking at pfilioc_listheads() in sys/net/pfil.c, should the semantics
be to return the number of heads/hooks when either pio_nheads or
pio_nhooks is zero?