Author: kp
Date: Sun Feb 10 21:22:55 2019
New Revision: 343978
URL: https://svnweb.freebsd.org/changeset/base/343978
Log:
pfctl: Fix ifa_grouplookup()
Setting the length of the request got lost in r343287, which means
SIOCGIFGMEMB
gives us the required length, but does not copy the names of the group
members.
As a result we don't get a correct list of group members, and 'set skip on
<ifgroup>' broke.
This produced all sorts of very unexpected results, because we would end up
applying 'set skip' to unexpected interfaces.
X-MFC-with: r343287
Modified:
head/sbin/pfctl/pfctl_parser.c
Modified: head/sbin/pfctl/pfctl_parser.c
==============================================================================
--- head/sbin/pfctl/pfctl_parser.c Sun Feb 10 21:19:09 2019
(r343977)
+++ head/sbin/pfctl/pfctl_parser.c Sun Feb 10 21:22:55 2019
(r343978)
@@ -1408,6 +1408,7 @@ ifa_grouplookup(char *ifa_name, int flags)
return (NULL);
bzero(&ifgr, sizeof(ifgr));
strlcpy(ifgr.ifgr_name, ifa_name, sizeof(ifgr.ifgr_name));
+ ifgr.ifgr_len = len;
if ((ifgr.ifgr_groups = calloc(1, len)) == NULL)
err(1, "calloc");
if (ioctl(s, SIOCGIFGMEMB, (caddr_t)&ifgr) == -1)
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
