diff options
| author |   gnezdo <gnezdo@openbsd.org> | 2020-09-01 01:53:13 +0000 |
|---|---|---|
| committer | gnezdo <gnezdo@openbsd.org> | 2020-09-01 01:53:13 +0000 |
| commit | 545be9df0bf4c2d8385a06b34c43acdbfe055bf6 (patch) | |
| tree | 5eeb97246a1d99a575547a7e9116b4528a8b0b81 | |
| parent | sync (diff) | |
| download | wireguard-openbsd-545be9df0bf4c2d8385a06b34c43acdbfe055bf6.tar.xz wireguard-openbsd-545be9df0bf4c2d8385a06b34c43acdbfe055bf6.zip | |
Convert icmp6_sysct to sysctl_bounded_args
The best-guessed limits will be tested by trial.
| -rw-r--r-- | sys/netinet/icmp6.h | 24 | ||||
| -rw-r--r-- | sys/netinet6/icmp6.c | 19 |
2 files changed, 16 insertions, 27 deletions
diff --git a/sys/netinet/icmp6.h b/sys/netinet/icmp6.h index 79a66a6947d..ce28ea9cb10 100644 --- a/sys/netinet/icmp6.h +++ b/sys/netinet/icmp6.h @@ -1,4 +1,4 @@ -/* $OpenBSD: icmp6.h,v 1.48 2018/12/25 19:28:25 denis Exp $ */ +/* $OpenBSD: icmp6.h,v 1.49 2020/09/01 01:53:13 gnezdo Exp $ */ /* $KAME: icmp6.h,v 1.84 2003/04/23 10:26:51 itojun Exp $ */ /* @@ -535,28 +535,6 @@ struct icmp6stat { { "nd6_debug", CTLTYPE_INT }, \ } -#define ICMPV6CTL_VARS { \ - NULL, \ - NULL, \ - NULL, \ - &icmp6_redirtimeout, \ - NULL, \ - NULL, \ - NULL, \ - NULL, \ - &nd6_delay, \ - &nd6_umaxtries, \ - &nd6_mmaxtries, \ - NULL, \ - NULL, \ - NULL, \ - &icmp6errppslim, \ - &nd6_maxnudhint, \ - &icmp6_mtudisc_hiwat, \ - &icmp6_mtudisc_lowat, \ - &nd6_debug, \ -} - #define RTF_PROBEMTU RTF_PROTO1 #ifdef _KERNEL diff --git a/sys/netinet6/icmp6.c b/sys/netinet6/icmp6.c index 2db284a1bea..a483c17e5ab 100644 --- a/sys/netinet6/icmp6.c +++ b/sys/netinet6/icmp6.c @@ -1,4 +1,4 @@ -/* $OpenBSD: icmp6.c,v 1.231 2020/08/01 23:41:56 gnezdo Exp $ */ +/* $OpenBSD: icmp6.c,v 1.232 2020/09/01 01:53:13 gnezdo Exp $ */ /* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */ /* @@ -1875,7 +1875,17 @@ icmp6_redirect_timeout(struct rtentry *rt, struct rttimer *r) if_put(ifp); } -int *icmpv6ctl_vars[ICMPV6CTL_MAXID] = ICMPV6CTL_VARS; +const struct sysctl_bounded_args icmpv6ctl_vars[] = { + { ICMPV6CTL_REDIRTIMEOUT, &icmp6_redirtimeout, 0, INT_MAX }, + { ICMPV6CTL_ND6_DELAY, &nd6_delay, 0, INT_MAX }, + { ICMPV6CTL_ND6_UMAXTRIES, &nd6_umaxtries, 0, INT_MAX }, + { ICMPV6CTL_ND6_MMAXTRIES, &nd6_mmaxtries, 0, INT_MAX }, + { ICMPV6CTL_ERRPPSLIMIT, &icmp6errppslim, -1, 1000 }, + { ICMPV6CTL_ND6_MAXNUDHINT, &nd6_maxnudhint, 0, INT_MAX }, + { ICMPV6CTL_MTUDISC_HIWAT, &icmp6_mtudisc_hiwat, -1, INT_MAX }, + { ICMPV6CTL_MTUDISC_LOWAT, &icmp6_mtudisc_lowat, -1, INT_MAX }, + { ICMPV6CTL_ND6_DEBUG, &nd6_debug, 0, 1 }, +}; int icmp6_sysctl_icmp6stat(void *oldp, size_t *oldlenp, void *newp) @@ -1909,8 +1919,9 @@ icmp6_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, return icmp6_sysctl_icmp6stat(oldp, oldlenp, newp); default: NET_LOCK(); - error = sysctl_int_arr(icmpv6ctl_vars, nitems(icmpv6ctl_vars), - name, namelen, oldp, oldlenp, newp, newlen); + error = sysctl_bounded_arr(icmpv6ctl_vars, + nitems(icmpv6ctl_vars), name, namelen, oldp, oldlenp, newp, + newlen); NET_UNLOCK(); return (error); } |