Diffusion FreeBSD src repository 71abbe15d01f

pf: Improve pf_rule input validation
71abbe15d01f
Actions

Description

pf: Improve pf_rule input validation

Move the validation checks to pf_rule_to_krule() to reduce duplication.
This also makes the checks consistent across different ioctls.

Reported-by: syzbot+e9632d7ad17398f0bd8f@syzkaller.appspotmail.com
Reviewed by: tuexen@, donner@
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D28362

(cherry picked from commit 7a808c5ee3296fdb72d8e8bc6c7ad6f316a520ab)

Details

Provenance

kp	Authored on Jan 26 2021, 7:56 AM

Differential Revision

D28362: pf: Improve pf_rule input validation

Parents

rGeefddc38243d: lualoader: position hyphens at the beginning of character classes

Branches

Unknown

Tags

Unknown

Event Timeline

kp committed rG71abbe15d01f: pf: Improve pf_rule input validation (authored by kp).Feb 3 2021, 9:09 AM

kp added an edge: D28362: pf: Improve pf_rule input validation.Feb 3 2021, 2:21 PM

Changes (1)

Path

Size

sys/

netpfil/

pf/

pf_ioctl.c

rG71abbe15d01f

View Options