From owner-freebsd-ipfw@freebsd.org  Sun Mar  5 22:20:05 2017
Return-Path: <owner-freebsd-ipfw@freebsd.org>
Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 78464CFAAA2
 for <freebsd-ipfw@mailman.ysv.freebsd.org>;
 Sun,  5 Mar 2017 22:20:05 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 66B781CEB
 for <freebsd-ipfw@FreeBSD.org>; Sun,  5 Mar 2017 22:20:05 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v25MK4BP064728
 for <freebsd-ipfw@FreeBSD.org>; Sun, 5 Mar 2017 22:20:05 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-ipfw@FreeBSD.org
Subject: [Bug 217391] [ipfw] [panic] erroneous ipfw rule triggers KASSERT
Date: Sun, 05 Mar 2017 22:20:04 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 11.0-STABLE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: commit-hook@freebsd.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-ipfw@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-217391-7515-CxvjUcYvHS@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-217391-7515@https.bugs.freebsd.org/bugzilla/>
References: <bug-217391-7515@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw/>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Mar 2017 22:20:05 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217391

--- Comment #4 from commit-hook@freebsd.org ---
A commit references this bug:

Author: ae
Date: Sun Mar  5 22:19:43 UTC 2017
New revision: 314715
URL: https://svnweb.freebsd.org/changeset/base/314715

Log:
  Reject invalid object types that can not be used with specific opcodes.

  When we doing reference counting of named objects in the new rule,
  for existing objects check that opcode references to correct object,
  otherwise return EINVAL.

  PR:           217391
  MFC after:    1 week
  Sponsored by: Yandex LLC

Changes:
  head/sys/netpfil/ipfw/ip_fw_sockopt.c

--=20
You are receiving this mail because:
You are the assignee for the bug.=