CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2009/05/18 14:37:13
Modified files:
sys/netinet6 : ip6_forward.c ip6_input.c
sys/netinet : ip_input.c
sys/net : pf.c pfvar.h route.c route.h
Log message:
The routing table index rtableid has type unsigned int in the routing
code. In pf rtableid == -1 means don't change the rtableid because
of this rule. So it has to be signed int there. Before the value
is passed from pf to route it is always checked to be >= 0. Change
the type to int in pf and to u_int in netinet and netinet6 to make
the checks work. Otherwise -1 may be used as an array index and
the kernel crashes.
ok henning@
