summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorgnezdo <gnezdo@openbsd.org>2021-01-09 20:59:44 +0000
committergnezdo <gnezdo@openbsd.org>2021-01-09 20:59:44 +0000
commit70464ff266ff932486fdf27423da912d8e356eaf (patch)
tree40a0818858c8516f77e22775ce66734fd1666040
parentEnforce range with sysctl_int_bounded in sysctl_wdog (diff)
downloadwireguard-openbsd-70464ff266ff932486fdf27423da912d8e356eaf.tar.xz
wireguard-openbsd-70464ff266ff932486fdf27423da912d8e356eaf.zip
Enforce range with sysctl_int_bounded in ipip_sysctl
OK millert@
Diffstat
-rw-r--r--sys/netinet/ip_ipip.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/netinet/ip_ipip.c b/sys/netinet/ip_ipip.c
index b8c90fd702e..d6f6da856fe 100644
--- a/sys/netinet/ip_ipip.c
+++ b/sys/netinet/ip_ipip.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_ipip.c,v 1.89 2018/11/14 23:55:04 dlg Exp $ */
+/* $OpenBSD: ip_ipip.c,v 1.90 2021/01/09 20:59:44 gnezdo Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -596,7 +596,8 @@ ipip_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
switch (name[0]) {
case IPIPCTL_ALLOW:
NET_LOCK();
- error = sysctl_int(oldp, oldlenp, newp, newlen, &ipip_allow);
+ error = sysctl_int_bounded(oldp, oldlenp, newp, newlen,
+ &ipip_allow, 0, 2);
NET_UNLOCK();
return (error);
case IPIPCTL_STATS:
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.