Diffusion FreeBSD src repository bb5b0c1624fb

ipfw: Fix segfault in NPTv6 rule parser
bb5b0c1624fb
Actions

Description

ipfw: Fix segfault in NPTv6 rule parser

If the user specified a prefix length with either the internal or
external prefix, we'd jump to check_prefix where we'd dereference p
which was most likely uninitialized.

Instead, store the various prefix lengths separately and check them
all after the loop.

MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D50597

(cherry picked from commit 64bc9ac8cd9a42259aeb1715d4e14902aa83fcac)

Details

Provenance

p.mousavizadeh_protonmail.com	Authored on Aug 21 2025, 5:40 PM
des	Committed on Sep 4 2025, 6:15 PM

Differential Revision

D50597: ipfw: prefixlen segfault bugfix in nptv6

Parents

rG2e25db21976b: date(1): Improve manpage around '-I'

Branches

Unknown

Tags

Unknown

Event Timeline

des committed rGbb5b0c1624fb: ipfw: Fix segfault in NPTv6 rule parser (authored by p.mousavizadeh_protonmail.com).Sep 4 2025, 6:15 PM

des added an edge: D50597: ipfw: prefixlen segfault bugfix in nptv6.Sep 4 2025, 6:18 PM

Changes (1)

Path

Size

sbin/

ipfw/

nptv6.c

rGbb5b0c1624fb

View Options