Date: Sun, 1 Sep 2002 20:32:58 -0400 (EDT) From: Andy@wantpackets.com To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/42304: incorrect ipfw parsing causes segfault Message-ID: <200209020032.g820Wwb4088299@wantpackets.com>
next in thread | raw e-mail | index | archive | help
>Number: 42304
>Category: bin
>Synopsis: incorrect ipfw parsing causes segfault
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Sep 01 17:30:12 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Andy
>Release: FreeBSD 4.6-RELEASE-p1 i386
>Organization:
>Environment:
System: FreeBSD wantpackets.com 4.6-RELEASE-p1 FreeBSD 4.6-RELEASE-p1 #1: Fri Jun 28 06:20:15 EDT 2002 andy@wantpackets.com:/usr/obj/usr/src/sys/WANTPACKETS i386
>Description:
typing ipfw add unreach segfaults ipfw. incorrect handling of null strings.
>How-To-Repeat:
typing ipfw add unreach segfaults ipfw.
>Fix:
Patch is here:
--- ipfw.c Sun Sep 1 20:13:46 2002
+++ ipfw.c-fixed Sun Sep 1 20:16:22 2002
@@ -972,6 +972,9 @@
u_long val;
char *s;
+ if (str == '\0')
+ errx(EX_DATAERR, "you forgot to specify an icmp spec");
+
val = strtoul(str, &s, 0);
if (s != str && *s == '\0' && val < 0x100) {
*codep = val;
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200209020032.g820Wwb4088299>