Diffusion FreeBSD src repository 64bc9ac8cd9a

ipfw: Fix segfault in NPTv6 rule parser
64bc9ac8cd9a
Actions

Description

ipfw: Fix segfault in NPTv6 rule parser

If the user specified a prefix length with either the internal or
external prefix, we'd jump to check_prefix where we'd dereference p
which was most likely uninitialized.

Instead, store the various prefix lengths separately and check them
all after the loop.

MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D50597

Details

Provenance

p.mousavizadeh_protonmail.com	Authored on Aug 21 2025, 5:40 PM
des	Committed on Aug 25 2025, 10:37 AM

Differential Revision

D50597: ipfw: prefixlen segfault bugfix in nptv6

Parents

rGfca43874e713: LinuxKPI: 802.11: rework multicat filter updates

Branches

Unknown

Tags

Unknown

Event Timeline

des committed rG64bc9ac8cd9a: ipfw: Fix segfault in NPTv6 rule parser (authored by p.mousavizadeh_protonmail.com).Aug 25 2025, 10:37 AM

des added an edge: D50597: ipfw: prefixlen segfault bugfix in nptv6.Aug 25 2025, 11:15 AM

des mentioned this in rG167991a1bfb4: ipfw: Fix segfault in NPTv6 rule parser.Sep 4 2025, 6:17 PM

des mentioned this in rGbb5b0c1624fb: ipfw: Fix segfault in NPTv6 rule parser.

Changes (1)

Path

Size

sbin/

ipfw/

nptv6.c

rG64bc9ac8cd9a

View Options