Validate pfra_type after copyin before using it to index an array - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	mikeb <mikeb@openbsd.org>	2017-08-16 14:19:57 +0000
committer	mikeb <mikeb@openbsd.org>	2017-08-16 14:19:57 +0000
commit	2a9429a8977f4a7ae8b6ffd7c1dcb6dcfe60812f (patch)
tree	a75a837b3039971942209fb365de1669d3206d33 /usr.sbin/syspatch
parent	test locale priorities and overrides (diff)
download	wireguard-openbsd-2a9429a8977f4a7ae8b6ffd7c1dcb6dcfe60812f.tar.xz wireguard-openbsd-2a9429a8977f4a7ae8b6ffd7c1dcb6dcfe60812f.zip

Validate pfra_type after copyin before using it to index an array

Don't trust the value of pfra_type blindly since it's coming from userland and sanitize it in pfr_validate_addr that is called after every copyin and also perform the check in pfr_create_kentry before we attempt to use the value not after. Coverity CID 1452909, 1453097, 1453384; Severity: Minor It can be triggered only by root by default or anyone with write access to /dev/pf if such access is provided. ok visa, bcook, sashan, jsg

Diffstat (limited to 'usr.sbin/syspatch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: