CVSROOT:	/cvs
Module name:	src
Changes by:	mi...@cvs.openbsd.org	2017/08/16 08:19:57

Modified files:
	sys/net : pf_table.c

Log message:
Validate pfra_type after copyin before using it to index an array

Don't trust the value of pfra_type blindly since it's coming from
userland and sanitize it in pfr_validate_addr that is called after
every copyin and also perform the check in pfr_create_kentry before
we attempt to use the value not after.

Coverity CID 1452909, 1453097, 1453384; Severity: Minor

It can be triggered only by root by default or anyone with write
access to /dev/pf if such access is provided.

ok visa, bcook, sashan, jsg
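
The ordering this log message describes (bound-check a userland-supplied type right after copy-in, and again in the consumer before it indexes an array), as an added userspace C model. It is not the pf_table.c code; the names addr_req, KE_MAX, entry_size, validate_addr, create_entry and add_addr are hypothetical, and memcpy stands in for copyin.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical entry types; KE_MAX bounds the per-type table below. */
enum { KE_PLAIN, KE_ROUTE, KE_COST, KE_MAX };
static const size_t entry_size[KE_MAX] = { 32, 48, 64 };

/* Request as it arrives from the untrusted side (constructed layout). */
struct addr_req {
    uint8_t af;    /* address family tag, unused here */
    uint8_t type;  /* untrusted index into entry_size[] */
};

/* Run after every copy-in: reject any type outside the table. */
static int validate_addr(const struct addr_req *ad)
{
    return ad->type < KE_MAX ? 0 : -1;
}

/* The consumer checks the bound before indexing, not after. */
static void *create_entry(const struct addr_req *ad)
{
    if (ad->type >= KE_MAX)
        return NULL;
    return calloc(1, entry_size[ad->type]);
}

/* Full path: copy, validate, then use. 0 on success, -1 on reject. */
static int add_addr(const void *ubuf)
{
    struct addr_req ad;
    void *ke;
    memcpy(&ad, ubuf, sizeof(ad));  /* stand-in for copyin() */
    if (validate_addr(&ad) != 0)
        return -1;
    if ((ke = create_entry(&ad)) == NULL)
        return -1;
    free(ke);
    return 0;
}

int main(void)
{
    struct addr_req bad = { 2, 200 };  /* constructed out-of-range type */
    return add_addr(&bad) == -1 ? 0 : 1;
}
```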