Date: Fri, 1 Mar 2019 22:33:24 +0000 (UTC) From: Kristof Provost <kp@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: svn commit: r344712 - stable/12/sbin/pfctl Message-ID: <201903012233.x21MXOfZ009088@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kp Date: Fri Mar 1 22:33:24 2019 New Revision: 344712 URL: https://svnweb.freebsd.org/changeset/base/344712 Log: MFC r343978: pfctl: Fix ifa_grouplookup() Setting the length of the request got lost in r343287, which means SIOCGIFGMEMB gives us the required length, but does not copy the names of the group members. As a result we don't get a correct list of group members, and 'set skip on <ifgroup>' broke. This produced all sorts of very unexpected results, because we would end up applying 'set skip' to unexpected interfaces. Modified: stable/12/sbin/pfctl/pfctl_parser.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sbin/pfctl/pfctl_parser.c ============================================================================== --- stable/12/sbin/pfctl/pfctl_parser.c Fri Mar 1 20:43:48 2019 (r344711) +++ stable/12/sbin/pfctl/pfctl_parser.c Fri Mar 1 22:33:24 2019 (r344712) @@ -1408,6 +1408,7 @@ ifa_grouplookup(char *ifa_name, int flags) return (NULL); bzero(&ifgr, sizeof(ifgr)); strlcpy(ifgr.ifgr_name, ifa_name, sizeof(ifgr.ifgr_name)); + ifgr.ifgr_len = len; if ((ifgr.ifgr_groups = calloc(1, len)) == NULL) err(1, "calloc"); if (ioctl(s, SIOCGIFGMEMB, (caddr_t)&ifgr) == -1)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903012233.x21MXOfZ009088>