diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-01-16 06:39:28 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-01-16 06:39:28 +0000 |
| commit | b9fc9a728fce9c4289b7e9a992665e28d5629a54 (patch) | |
| tree | 72b2433e418dfa1aef5fcf8305617b97979a25d8 /sbin/pfctl/pfctl.c | |
| parent | improve checksum parsing slightly. now handles filenames with spaces. (diff) | |
| download | wireguard-openbsd-b9fc9a728fce9c4289b7e9a992665e28d5629a54.tar.xz wireguard-openbsd-b9fc9a728fce9c4289b7e9a992665e28d5629a54.zip | |
Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
Diffstat (limited to 'sbin/pfctl/pfctl.c')
| -rw-r--r-- | sbin/pfctl/pfctl.c | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index 34fde7eb159..bccb8e24b80 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl.c,v 1.328 2014/12/10 13:59:29 bluhm Exp $ */ +/* $OpenBSD: pfctl.c,v 1.329 2015/01/16 06:40:00 deraadt Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -749,14 +749,14 @@ pfctl_show_rules(int dev, char *path, int opts, enum pfctl_show format, memset(&pr, 0, sizeof(pr)); if (anchorname[0] == '/') { - if ((npath = calloc(1, MAXPATHLEN)) == NULL) + if ((npath = calloc(1, PATH_MAX)) == NULL) errx(1, "pfctl_rules: calloc"); - strlcpy(npath, anchorname, MAXPATHLEN); + strlcpy(npath, anchorname, PATH_MAX); } else { if (path[0]) - snprintf(&path[len], MAXPATHLEN - len, "/%s", anchorname); + snprintf(&path[len], PATH_MAX - len, "/%s", anchorname); else - snprintf(&path[len], MAXPATHLEN - len, "%s", anchorname); + snprintf(&path[len], PATH_MAX - len, "%s", anchorname); npath = path; } @@ -1330,9 +1330,9 @@ pfctl_load_ruleset(struct pfctl *pf, char *path, struct pf_ruleset *rs, pf->anchor = rs->anchor; if (path[0]) - snprintf(&path[len], MAXPATHLEN - len, "/%s", pf->anchor->name); + snprintf(&path[len], PATH_MAX - len, "/%s", pf->anchor->name); else - snprintf(&path[len], MAXPATHLEN - len, "%s", pf->anchor->name); + snprintf(&path[len], PATH_MAX - len, "%s", pf->anchor->name); if (depth) { if (TAILQ_FIRST(rs->rules.active.ptr) != NULL) { @@ -1396,10 +1396,10 @@ pfctl_load_rule(struct pfctl *pf, char *path, struct pf_rule *r, int depth) if (r->anchor) { if (r->anchor->match) { if (path[0]) - snprintf(&path[len], MAXPATHLEN - len, + snprintf(&path[len], PATH_MAX - len, "/%s", r->anchor->name); else - snprintf(&path[len], MAXPATHLEN - len, + snprintf(&path[len], PATH_MAX - len, "%s", r->anchor->name); name = r->anchor->name; } else @@ -1455,7 +1455,7 @@ pfctl_rules(int dev, char *filename, int opts, int optimize, memset(&pf, 0, sizeof(pf)); memset(&trs, 0, sizeof(trs)); - if ((path = calloc(1, MAXPATHLEN)) == NULL) + if ((path = calloc(1, PATH_MAX)) == NULL) ERRX("pfctl_rules: calloc"); if (strlcpy(trs.pfrt_anchor, anchorname, sizeof(trs.pfrt_anchor)) >= sizeof(trs.pfrt_anchor)) @@ -1980,7 +1980,7 @@ pfctl_show_anchors(int dev, int opts, char *anchorname) } mnr = pr.nr; for (nr = 0; nr < mnr; ++nr) { - char sub[MAXPATHLEN]; + char sub[PATH_MAX]; pr.nr = nr; if (ioctl(dev, DIOCGETRULESET, &pr)) @@ -2097,7 +2097,7 @@ main(int argc, char *argv[]) int opts = 0; int optimize = PF_OPTIMIZE_BASIC; int level; - char anchorname[MAXPATHLEN]; + char anchorname[PATH_MAX]; int anchor_wildcard = 0; char *path; char *lfile = NULL, *sfile = NULL; @@ -2252,7 +2252,7 @@ main(int argc, char *argv[]) /* NOTREACHED */ } - if ((path = calloc(1, MAXPATHLEN)) == NULL) + if ((path = calloc(1, PATH_MAX)) == NULL) errx(1, "pfctl: calloc"); memset(anchorname, 0, sizeof(anchorname)); if (anchoropt != NULL) { |