author | 2018-04-05 03:28:20 +0000 | |
---|---|---|
committer | 2018-04-05 03:28:20 +0000 | |
commit | 9e77a24bfcd724139da366890e4b7f0f32b512cd (patch) | |
tree | 3a682fcb5efaa857b1751dc5dc88f0e536dd358d | |
parent | typo in printf - was _PRO, should be _PR0 (diff) | |
Explicitly check PF_TRANS_RULESET in DIOCXBEGIN, DIOCXCOMMIT, and DIOCXROLLBACK.
ok bluhm@ sashan@ visa@
-rw-r--r-- | sys/net/pf_ioctl.c | 34 |
1 files changed, 29 insertions, 5 deletions
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index 078caeb71fa..c418b2e9529 100644
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_ioctl.c,v 1.331 2018/02/08 02:25:44 henning Exp $ */
+/* $OpenBSD: pf_ioctl.c,v 1.332 2018/04/05 03:28:20 lteo Exp $ */
 /*
 * Copyright (c) 2001 Daniel Hartmeier
@@ -2251,7 +2251,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 goto fail;
 }
 break;
- default:
+ case PF_TRANS_RULESET:
 if ((error = pf_begin_rules(&ioe->ticket, ioe->anchor))) {
 free(table, M_TEMP, sizeof(*table));
@@ -2260,6 +2260,12 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 goto fail;
 }
 break;
+ default:
+ free(table, M_TEMP, sizeof(*table));
+ free(ioe, M_TEMP, sizeof(*ioe));
+ error = EINVAL;
+ PF_UNLOCK();
+ goto fail;
 }
 if (copyout(ioe, io->array+i, sizeof(io->array[i]))) {
 free(table, M_TEMP, sizeof(*table));
@@ -2317,7 +2323,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 goto fail; /* really bad */
 }
 break;
- default:
+ case PF_TRANS_RULESET:
 if ((error = pf_rollback_rules(ioe->ticket, ioe->anchor))) {
 free(table, M_TEMP, sizeof(*table));
@@ -2326,6 +2332,12 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 goto fail; /* really bad */
 }
 break;
+ default:
+ free(table, M_TEMP, sizeof(*table));
+ free(ioe, M_TEMP, sizeof(*ioe));
+ error = EINVAL;
+ PF_UNLOCK();
+ goto fail; /* really bad */
 }
 }
 free(table, M_TEMP, sizeof(*table));
@@ -2377,7 +2389,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 goto fail;
 }
 break;
- default:
+ case PF_TRANS_RULESET:
 rs = pf_find_ruleset(ioe->anchor);
 if (rs == NULL || !rs->rules.inactive.open ||
@@ -2390,6 +2402,12 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 goto fail;
 }
 break;
+ default:
+ free(table, M_TEMP, sizeof(*table));
+ free(ioe, M_TEMP, sizeof(*ioe));
+ error = EINVAL;
+ PF_UNLOCK();
+ goto fail;
 }
 }
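Review bot: The `default:` added at `@@ -2260` rejects an unknown `ioe->type` from inside the per-entry loop, so entries earlier in `io->array` have already gone through `pf_begin_rules()` or the case above it by the time EINVAL is returned. Whether the `fail` path undoes those is not visible here; the existing `pf_begin_rules()` failure branch exits the same way, so this looks consistent rather than new. A short comment on the branch would record the intent, for example `/* unknown transaction type: reject instead of treating it as a ruleset */`, and the same wording fits the `default:` at `@@ -2326` and `@@ -2390`. pfioctl() starts and ends outside these hunks.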
@@ -2437,7 +2455,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 goto fail; /* really bad */
 }
 break;
- default:
+ case PF_TRANS_RULESET:
 if ((error = pf_commit_rules(ioe->ticket, ioe->anchor))) {
 free(table, M_TEMP, sizeof(*table));
@@ -2446,6 +2464,12 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 goto fail; /* really bad */
 }
 break;
+ default:
+ free(table, M_TEMP, sizeof(*table));
+ free(ioe, M_TEMP, sizeof(*ioe));
+ error = EINVAL;
+ PF_UNLOCK();
+ goto fail; /* really bad */
 }
 }
 for (i = 0; i < PF_LIMIT_MAX; i++) { |
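Review bot: The `default:` added at `@@ -2446` sits in the loop that calls `pf_commit_rules()`, so if it fires, entries earlier in the array may already be committed and the EINVAL leaves the transaction half applied, which is what the `/* really bad */` markers warn about. The switch at `@@ -2390` appears to be the check pass for the same ioctl and now rejects unknown types, so this branch should only be reachable when `ioe->type` differs between the two passes. If each pass copies the entry in from the user buffer again (the copyin is outside these hunks), a userland writer changing the array between passes would produce exactly that, and failing closed here is the right response. I would state that on the branch, for example `/* type changed since the check pass; earlier entries are already committed */`. pfioctl() starts and ends outside these hunks.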