Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 10 May 2021 19:49:48 GMT
From:      Kristof Provost <kp@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: b8b6ee3554eb - stable/13 - pf: Fix parsing of long table names
Message-ID:  <202105101949.14AJnmiu006336@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=b8b6ee3554eb331e215db13d3feac34df20a8f39

commit b8b6ee3554eb331e215db13d3feac34df20a8f39
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2021-04-24 13:55:24 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2021-05-10 19:45:56 +0000

    pf: Fix parsing of long table names
    
    When parsing the nvlist for a struct pf_addr_wrap we unconditionally
    tried to parse "ifname". This broke for PF_ADDR_TABLE when the table
    name was longer than IFNAMSIZ. PF_TABLE_NAME_SIZE is longer than
    IFNAMSIZ, so this is a valid configuration.
    
    Only parse (or return) ifname or tblname for the corresponding
    pf_addr_wrap type.
    
    This manifested as a failure to set rules such as these, where the pfctl
    optimiser generated an automatic table:
    
            pass in proto tcp to 192.168.0.1 port ssh
            pass in proto tcp to 192.168.0.2 port ssh
            pass in proto tcp to 192.168.0.3 port ssh
            pass in proto tcp to 192.168.0.4 port ssh
            pass in proto tcp to 192.168.0.5 port ssh
            pass in proto tcp to 192.168.0.6 port ssh
            pass in proto tcp to 192.168.0.7 port ssh
    
    Reported by:    Florian Smeets
    Tested by:      Florian Smeets
    Reviewed by:    donner
    X-MFC-With:     5c11c5a3655842a176124ef2334fcdf830422c8a
    MFC after:      2 weeks
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D29962
    
    (cherry picked from commit 402dfb0a8d2c6417cb9bff4460ef250a42b0aa05)
---
 lib/libpfctl/libpfctl.c   | 15 ++++++++++-----
 sys/netpfil/pf/pf_ioctl.c | 16 ++++++++++------
 2 files changed, 20 insertions(+), 11 deletions(-)

diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c
index 6d5397cb64b2..69c51ec6c897 100644
--- a/lib/libpfctl/libpfctl.c
+++ b/lib/libpfctl/libpfctl.c
@@ -148,8 +148,10 @@ pfctl_nv_add_addr_wrap(nvlist_t *nvparent, const char *name,
 
 	nvlist_add_number(nvl, "type", addr->type);
 	nvlist_add_number(nvl, "iflags", addr->iflags);
-	nvlist_add_string(nvl, "ifname", addr->v.ifname);
-	nvlist_add_string(nvl, "tblname", addr->v.tblname);
+	if (addr->type == PF_ADDR_DYNIFTL)
+		nvlist_add_string(nvl, "ifname", addr->v.ifname);
+	if (addr->type == PF_ADDR_TABLE)
+		nvlist_add_string(nvl, "tblname", addr->v.tblname);
 	pfctl_nv_add_addr(nvl, "addr", &addr->v.a.addr);
 	pfctl_nv_add_addr(nvl, "mask", &addr->v.a.mask);
 
@@ -161,9 +163,12 @@ pf_nvaddr_wrap_to_addr_wrap(const nvlist_t *nvl, struct pf_addr_wrap *addr)
 {
 	addr->type = nvlist_get_number(nvl, "type");
 	addr->iflags = nvlist_get_number(nvl, "iflags");
-	strlcpy(addr->v.ifname, nvlist_get_string(nvl, "ifname"), IFNAMSIZ);
-	strlcpy(addr->v.tblname, nvlist_get_string(nvl, "tblname"),
-	    PF_TABLE_NAME_SIZE);
+	if (addr->type == PF_ADDR_DYNIFTL)
+		strlcpy(addr->v.ifname, nvlist_get_string(nvl, "ifname"),
+		    IFNAMSIZ);
+	if (addr->type == PF_ADDR_TABLE)
+		strlcpy(addr->v.tblname, nvlist_get_string(nvl, "tblname"),
+		    PF_TABLE_NAME_SIZE);
 
 	pf_nvaddr_to_addr(nvlist_get_nvlist(nvl, "addr"), &addr->v.a.addr);
 	pf_nvaddr_to_addr(nvlist_get_nvlist(nvl, "mask"), &addr->v.a.mask);
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index 522f6a6a8f54..40a68a65bfd5 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -1703,10 +1703,12 @@ pf_nvaddr_wrap_to_addr_wrap(const nvlist_t *nvl, struct pf_addr_wrap *addr)
 
 	PFNV_CHK(pf_nvuint8(nvl, "type", &addr->type));
 	PFNV_CHK(pf_nvuint8(nvl, "iflags", &addr->iflags));
-	PFNV_CHK(pf_nvstring(nvl, "ifname", addr->v.ifname,
-	    sizeof(addr->v.ifname)));
-	PFNV_CHK(pf_nvstring(nvl, "tblname", addr->v.tblname,
-	    sizeof(addr->v.tblname)));
+	if (addr->type == PF_ADDR_DYNIFTL)
+		PFNV_CHK(pf_nvstring(nvl, "ifname", addr->v.ifname,
+		    sizeof(addr->v.ifname)));
+	if (addr->type == PF_ADDR_TABLE)
+		PFNV_CHK(pf_nvstring(nvl, "tblname", addr->v.tblname,
+		    sizeof(addr->v.tblname)));
 
 	if (! nvlist_exists_nvlist(nvl, "addr"))
 		return (EINVAL);
@@ -1746,8 +1748,10 @@ pf_addr_wrap_to_nvaddr_wrap(const struct pf_addr_wrap *addr)
 
 	nvlist_add_number(nvl, "type", addr->type);
 	nvlist_add_number(nvl, "iflags", addr->iflags);
-	nvlist_add_string(nvl, "ifname", addr->v.ifname);
-	nvlist_add_string(nvl, "tblname", addr->v.tblname);
+	if (addr->type == PF_ADDR_DYNIFTL)
+		nvlist_add_string(nvl, "ifname", addr->v.ifname);
+	if (addr->type == PF_ADDR_TABLE)
+		nvlist_add_string(nvl, "tblname", addr->v.tblname);
 
 	tmp = pf_addr_to_nvaddr(&addr->v.a.addr);
 	if (tmp == NULL)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202105101949.14AJnmiu006336>