diff options
| author |   claudio <claudio@openbsd.org> | 2010-05-12 08:11:11 +0000 |
|---|---|---|
| committer | claudio <claudio@openbsd.org> | 2010-05-12 08:11:11 +0000 |
| commit | 5bcaec1df012b974442ad7eba88624da0516a655 (patch) | |
| tree | b6d40cda8a8724d63869dee7482b8e4fccd6ac5b | |
| parent | enable fast PLL clock for 5GHz on AR9280 >=2.0 (unless EEPROM says the (diff) | |
| download | wireguard-openbsd-5bcaec1df012b974442ad7eba88624da0516a655.tar.xz wireguard-openbsd-5bcaec1df012b974442ad7eba88624da0516a655.zip | |
bzero() the full compressed update struct before setting the values.
This is needed because pf_state_peer_hton() skips some fields in certain
situations which could result in garbage beeing sent to the other peer.
This seems to fix the pfsync storms seen by stephan@ and so dlg owes me
a whiskey.
OK dlg@, stephan@
| -rw-r--r-- | sys/net/if_pfsync.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index 8e279d0091e..a5c00477df6 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.145 2010/04/25 17:38:53 mpf Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.146 2010/05/12 08:11:11 claudio Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -1474,6 +1474,7 @@ pfsync_out_upd_c(struct pf_state *st, void *buf) { struct pfsync_upd_c *up = buf; + bzero(up, sizeof(*up)); up->id = st->id; pf_state_peer_hton(&st->src, &up->src); pf_state_peer_hton(&st->dst, &up->dst); @@ -1485,8 +1486,6 @@ pfsync_out_upd_c(struct pf_state *st, void *buf) else up->expire = htonl(up->expire - time_second); up->timeout = st->timeout; - - bzero(up->_pad, sizeof(up->_pad)); /* XXX */ } void |