CVSROOT:        /cvs
Module name:    src
Changes by:     mi...@cvs.openbsd.org   2017/08/16 08:19:57

Modified files:
        sys/net        : pf_table.c 

Log message:
Validate pfra_type after copyin before using it to index an array

Don't trust the value of pfra_type blindly, since it's coming from
userland, and sanitize it in pfr_validate_addr, which is called after
every copyin, and also perform the check in pfr_create_kentry before
we attempt to use the value, not after.

Coverity CID 1452909, 1453097, 1453384; Severity: Minor
It can be triggered only by root by default or anyone with write
access to /dev/pf if such access is provided.

ok visa, bcook, sashan, jsg
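
The check pattern described in the log message, as an added userland model in C; this is not the pf_table.c code or the committed patch. Only the field name pfra_type comes from the message: the enum values, struct layout, table contents and function names are hypothetical, and memcpy stands in for copyin.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified model: only the field name pfra_type comes from the commit. */
enum { KE_PLAIN, KE_ROUTE, KE_COST, KE_MAX };  /* hypothetical type values */

struct addr_req {           /* request as copied in from userland */
    uint8_t pfra_type;      /* untrusted until validated */
    uint8_t pfra_net;
};

static const size_t entry_size[KE_MAX] = { 32, 48, 64 };  /* indexed by type */

/* Runs after every copy from userland: reject an out-of-range type. */
static int model_validate_addr(const struct addr_req *ad)
{
    return ad->pfra_type < KE_MAX ? 0 : -1;
}

/* Check again at the point of use, before the array access, not after. */
static int model_create_entry(const struct addr_req *ad, size_t *size_out)
{
    if (ad->pfra_type >= KE_MAX)
        return EINVAL;
    *size_out = entry_size[ad->pfra_type];
    return 0;
}

/* Request path: copy in, validate, then use. Returns 0 or EINVAL. */
static int handle_request(const void *user_buf, size_t *size_out)
{
    struct addr_req ad;

    memcpy(&ad, user_buf, sizeof(ad));   /* stands in for copyin() */
    if (model_validate_addr(&ad) != 0)
        return EINVAL;
    return model_create_entry(&ad, size_out);
}

int main(void)
{
    struct addr_req bad = { 200, 24 };  /* constructed out-of-range request */
    size_t sz = 0;

    return handle_request(&bad, &sz) == EINVAL ? 0 : 1;
}
```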
