Site Navigation

Date:      Sun, 23 Apr 2017 03:16:39 +0000 (UTC)
From:      Cy Schubert <cy@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org
Subject:   svn commit: r317314 - in stable: 10/contrib/ipfilter/lib 10/contrib/ipfilter/tools 11/contrib/ipfilter/lib 11/contrib/ipfilter/tools
Message-ID:  <201704230316.v3N3GdCt039931@repo.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

Author: cy
Date: Sun Apr 23 03:16:38 2017
New Revision: 317314
URL: https://svnweb.freebsd.org/changeset/base/317314

Log:
  MFC r316993, r316994, r316997 as follows:
  
  r316993:
  
  Fix CID 1372601 in ipfilter/lib/parsefields.c, possible NULL pointer
  dereference should reallocarray() fail.
  
  	Reported by:	Coverity CID 1372601
  
  r316994:
  
  Fix CID 1372600 in ipfilter/tools/ipf_y.y, possible NULL pointer
  dereference should reallocarray() fail.
  
  	Reported by:	Coverity CID 1372600
  
  r316997:
  
  Use warnx() to issue error message.
  
  	Reported by:	cem

Modified:
  stable/10/contrib/ipfilter/lib/parsefields.c
  stable/10/contrib/ipfilter/tools/ipf_y.y
Directory Properties:
  stable/10/   (props changed)

Changes in other areas also in this revision:
Modified:
  stable/11/contrib/ipfilter/lib/parsefields.c
  stable/11/contrib/ipfilter/tools/ipf_y.y
Directory Properties:
  stable/11/   (props changed)

Modified: stable/10/contrib/ipfilter/lib/parsefields.c
==============================================================================
--- stable/10/contrib/ipfilter/lib/parsefields.c	Sun Apr 23 02:30:06 2017	(r317313)
+++ stable/10/contrib/ipfilter/lib/parsefields.c	Sun Apr 23 03:16:38 2017	(r317314)
@@ -1,4 +1,5 @@
 #include "ipf.h"
+#include <err.h>
 
 extern int nohdrfields;
 
@@ -32,6 +33,10 @@ wordtab_t *parsefields(table, arg)
 			fields = malloc(2 * sizeof(*fields));
 		} else {
 			fields = realloc(fields, (num + 1) * sizeof(*fields));
+			if (fields == NULL) {
+				warnx("memory allocation error at %d in %s in %s", __LINE__, __FUNCTION__, __FILE__);
+				abort();
+			}
 		}
 
 		if (t == NULL) {

Modified: stable/10/contrib/ipfilter/tools/ipf_y.y
==============================================================================
--- stable/10/contrib/ipfilter/tools/ipf_y.y	Sun Apr 23 02:30:06 2017	(r317313)
+++ stable/10/contrib/ipfilter/tools/ipf_y.y	Sun Apr 23 03:16:38 2017	(r317314)
@@ -9,6 +9,7 @@
 #include "ipf.h"
 #include <sys/ioctl.h>
 #include <syslog.h>
+#include <err.h>
 #ifdef IPFILTER_BPF
 # include <pcap.h>
 #endif
@@ -2195,6 +2196,10 @@ char *phrase;
 			for (i = 0, s = strtok(phrase, " \r\n\t"); s != NULL;
 			     s = strtok(NULL, " \r\n\t"), i++) {
 				fb = realloc(fb, (i / 4 + 1) * sizeof(*fb));
+				if (fb == NULL) {
+					warnx("memory allocation error at %d in %s in %s", __LINE__, __FUNCTION__, __FILE__);
+					abort();
+				}
 				l = (u_32_t)strtol(s, NULL, 0);
 				switch (i & 3)
 				{

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201704230316.v3N3GdCt039931>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact