Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 30 Aug 2010 09:29:51 +0000 (UTC)
From:      Maxim Konovalov <maxim@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r211992 - head/sys/netinet/ipfw
Message-ID:  <201008300929.o7U9Tp3H089945@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: maxim
Date: Mon Aug 30 09:29:51 2010
New Revision: 211992
URL: http://svn.freebsd.org/changeset/base/211992

Log:
  o Some programs could send broadcast/multicast traffic to ipfw
  pseudo-interface.  This leads to a panic due to uninitialized
  if_broadcastaddr address.  Initialize it and implement ip_output()
  method to prevent mbuf leak later.
  
  ipfw pseudo-interface should never send anything therefore call
  panic(9) in if_start() method.
  
  PR:		kern/149807
  Submitted by:	Dmitrij Tejblum
  MFC after:	2 weeks

Modified:
  head/sys/netinet/ipfw/ip_fw_log.c

Modified: head/sys/netinet/ipfw/ip_fw_log.c
==============================================================================
--- head/sys/netinet/ipfw/ip_fw_log.c	Mon Aug 30 08:23:22 2010	(r211991)
+++ head/sys/netinet/ipfw/ip_fw_log.c	Mon Aug 30 09:29:51 2010	(r211992)
@@ -103,6 +103,24 @@ log_dummy(struct ifnet *ifp, u_long cmd,
 	return EINVAL;
 }
 
+static int
+ipfw_log_output(struct ifnet *ifp, struct mbuf *m,
+	struct sockaddr *dst, struct route *ro)
+{
+	if (m != NULL)
+		m_freem(m);
+	return EINVAL;
+}
+
+static void
+ipfw_log_start(struct ifnet* ifp)
+{
+	panic("ipfw_log_start() must not be called");
+}
+
+static const u_char ipfwbroadcastaddr[6] =
+	{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+
 void
 ipfw_log_bpf(int onoff)
 {
@@ -119,11 +137,12 @@ ipfw_log_bpf(int onoff)
 		ifp->if_flags = IFF_UP | IFF_SIMPLEX | IFF_MULTICAST;
 		ifp->if_init = (void *)log_dummy;
 		ifp->if_ioctl = log_dummy;
-		ifp->if_start = (void *)log_dummy;
-		ifp->if_output = (void *)log_dummy;
+		ifp->if_start = ipfw_log_start;
+		ifp->if_output = ipfw_log_output;
 		ifp->if_addrlen = 6;
 		ifp->if_hdrlen = 14;
 		if_attach(ifp);
+		ifp->if_broadcastaddr = ipfwbroadcastaddr;
 		ifp->if_baudrate = IF_Mbps(10);
 		bpfattach(ifp, DLT_EN10MB, 14);
 		log_if = ifp;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201008300929.o7U9Tp3H089945>