Date:      Wed, 13 Aug 2014 06:16:38 +0000 (UTC)
From:      "Alexander V. Chernikov" <melifaro@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-projects@freebsd.org
Subject:   svn commit: r269910 - projects/ipfw/sbin/ipfw
Message-ID:  <201408130616.s7D6GcUh023527@svn.freebsd.org>

Author: melifaro
Date: Wed Aug 13 06:16:37 2014
New Revision: 269910
URL: http://svnweb.freebsd.org/changeset/base/269910

Log:
  * Do not crash on incorrect "flow" type inputs.
  * Do not auto-create tables for operations other than add.

Modified:
  projects/ipfw/sbin/ipfw/tables.c

Modified: projects/ipfw/sbin/ipfw/tables.c
==============================================================================
--- projects/ipfw/sbin/ipfw/tables.c	Wed Aug 13 05:53:41 2014	(r269909)
+++ projects/ipfw/sbin/ipfw/tables.c	Wed Aug 13 06:16:37 2014	(r269910)
@@ -67,7 +67,7 @@ static void table_show_list(ipfw_obj_hea
 static void table_show_entry(ipfw_xtable_info *i, ipfw_obj_tentry *tent);
 
 static void tentry_fill_key(ipfw_obj_header *oh, ipfw_obj_tentry *tent,
-    char *key, uint8_t *ptype, uint8_t *pvtype, ipfw_xtable_info *xi);
+    char *key, int add, uint8_t *ptype, uint8_t *pvtype, ipfw_xtable_info *xi);
 static void tentry_fill_value(ipfw_obj_header *oh, ipfw_obj_tentry *tent,
     char *arg, uint8_t type, uint8_t vtype);
 
@@ -932,7 +932,7 @@ table_modify_record(ipfw_obj_header *oh,
 	memset(&xi, 0, sizeof(xi));
 	count = 0;
 	while (ac > 0) {
-		tentry_fill_key(oh, ptent, *av, &type, &vtype, &xi);
+		tentry_fill_key(oh, ptent, *av, add, &type, &vtype, &xi);
 
 		/*
 		 * compability layer: auto-create table if not exists
@@ -1073,7 +1073,7 @@ table_do_lookup(ipfw_obj_header *oh, cha
 	tent->head.length = sizeof(*tent);
 	tent->idx = 1;
 
-	tentry_fill_key(oh, tent, key, &type, &vtype, xi);
+	tentry_fill_key(oh, tent, key, 0, &type, &vtype, xi);
 	oh->ntlv.type = type;
 
 	sz = sizeof(xbuf);
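Review bot: The bare `0` passed for the new `add` argument in `tentry_fill_key(oh, tent, key, 0, &type, &vtype, xi)` does not tell the reader that a lookup must never take the auto-create compatibility path. A short comment on the call, for example `/* add = 0: a lookup fails if the table does not exist */`, would record that intent. table_do_lookup starts and ends outside this hunk, so the rest of its error handling is not visible here.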
@@ -1196,7 +1196,7 @@ tentry_fill_key_type(char *arg, ipfw_obj
 		tfe = &tentry->k.flow;
 		af = 0;
 
-		/* Handle <ipv4|ipv6>*/
+		/* Handle <ipv4|ipv6> */
 		if ((tflags & IPFW_TFFLAG_SRCIP) != 0) {
 			if ((p = strchr(arg, ',')) != NULL)
 				*p++ = '\0';
@@ -1220,6 +1220,8 @@ tentry_fill_key_type(char *arg, ipfw_obj
 
 		/* Handle <proto-num|proto-name> */
 		if ((tflags & IPFW_TFFLAG_PROTO) != 0) {
+			if (arg == NULL)
+				errx(EX_DATAERR, "invalid key: proto missing");
 			if ((p = strchr(arg, ',')) != NULL)
 				*p++ = '\0';
 
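Review bot: The added `arg == NULL` guard in the proto branch only catches a key that ends early, i.e. the previous field had no trailing comma. An empty field (two adjacent commas) still leaves `arg` pointing at an empty string and hands it to the parsing code below, which is not visible here; it is worth confirming that code rejects it, or widening the guard to `if (arg == NULL || *arg == '\0')`. The same applies to the src port, dst ip and dst port guards in the next three hunks. The source-IP branch in the preceding hunk has no guard, so it presumably relies on `arg` being non-NULL on entry to tentry_fill_key_type. The four identical checks could also be folded into one small static helper that takes the field name for the message.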
@@ -1242,6 +1244,8 @@ tentry_fill_key_type(char *arg, ipfw_obj
 
 		/* Handle <port-num|service-name> */
 		if ((tflags & IPFW_TFFLAG_SRCPORT) != 0) {
+			if (arg == NULL)
+				errx(EX_DATAERR, "invalid key: src port missing");
 			if ((p = strchr(arg, ',')) != NULL)
 				*p++ = '\0';
 
@@ -1260,6 +1264,8 @@ tentry_fill_key_type(char *arg, ipfw_obj
 
 		/* Handle <ipv4|ipv6>*/
 		if ((tflags & IPFW_TFFLAG_DSTIP) != 0) {
+			if (arg == NULL)
+				errx(EX_DATAERR, "invalid key: dst ip missing");
 			if ((p = strchr(arg, ',')) != NULL)
 				*p++ = '\0';
 			/* Determine family using temporary storage */
@@ -1282,6 +1288,8 @@ tentry_fill_key_type(char *arg, ipfw_obj
 
 		/* Handle <port-num|service-name> */
 		if ((tflags & IPFW_TFFLAG_DSTPORT) != 0) {
+			if (arg == NULL)
+				errx(EX_DATAERR, "invalid key: dst port missing");
 			if ((p = strchr(arg, ',')) != NULL)
 				*p++ = '\0';
 
@@ -1312,7 +1320,7 @@ tentry_fill_key_type(char *arg, ipfw_obj
 
 static void
 tentry_fill_key(ipfw_obj_header *oh, ipfw_obj_tentry *tent, char *key,
-    uint8_t *ptype, uint8_t *pvtype, ipfw_xtable_info *xi)
+    int add, uint8_t *ptype, uint8_t *pvtype, ipfw_xtable_info *xi)
 {
 	uint8_t type, tflags, vtype;
 	int error;
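Review bot: The new `int add` parameter of tentry_fill_key is undocumented although it changes whether a missing table is fatal. A comment above the definition would make the contract visible at the call sites, for example `/* add: non-zero for an add request, which may guess the key type for a table that does not exist yet; zero makes a missing table an error. */`. The function body continues past this hunk.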
@@ -1336,6 +1344,9 @@ tentry_fill_key(ipfw_obj_header *oh, ipf
 		if (error != ESRCH)
 			errx(EX_OSERR, "Error requesting table %s info",
 			    oh->ntlv.name);
+		if (add == 0)
+			errx(EX_DATAERR, "Table %s does not exist",
+			    oh->ntlv.name);
 		/*
 		 * Table does not exist.
 		 * Compability layer: try to interpret data as CIDR
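Review bot: The block comment after the new `add == 0` check still reads as if the compatibility fallback applies to every operation, but after this change it is reached only for add. Its first line could say so, for example `* Table does not exist and this is an add request.`. The rest of the fallback is outside the hunk, so whether it needs any other adjustment for the add-only case cannot be judged from here.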


