From owner-freebsd-bugs Sun Sep 1 17:30:22 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E894B37B400 for ; Sun, 1 Sep 2002 17:30:13 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3BF8043E7B for ; Sun, 1 Sep 2002 17:30:13 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g820UDJU073255 for ; Sun, 1 Sep 2002 17:30:13 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g820UDKM073254; Sun, 1 Sep 2002 17:30:13 -0700 (PDT) Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7037B37B400 for ; Sun, 1 Sep 2002 17:28:57 -0700 (PDT) Received: from wantpackets.com (wantpackets.com [208.8.54.110]) by mx1.FreeBSD.org (Postfix) with ESMTP id E0C9343E3B for ; Sun, 1 Sep 2002 17:28:56 -0700 (PDT) (envelope-from andy@wantpackets.com) Received: from wantpackets.com (andy@wantpackets.com [208.8.54.110]) by wantpackets.com (8.12.3/8.12.3) with ESMTP id g820Wxcm088301 for ; Sun, 1 Sep 2002 20:33:04 -0400 (EDT) (envelope-from andy@wantpackets.com) Received: (from andy@localhost) by wantpackets.com (8.12.3/8.12.3/Submit) id g820Wwb4088299; Sun, 1 Sep 2002 20:32:58 -0400 (EDT) (envelope-from andy) Message-Id: <200209020032.g820Wwb4088299@wantpackets.com> Date: Sun, 1 Sep 2002 20:32:58 -0400 (EDT) From: Andy@wantpackets.com Reply-To: andy@wantpackets.com To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: bin/42304: incorrect ipfw parsing causes segfault Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 42304 >Category: bin >Synopsis: incorrect ipfw parsing causes segfault >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Sep 01 17:30:12 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Andy >Release: FreeBSD 4.6-RELEASE-p1 i386 >Organization: >Environment: System: FreeBSD wantpackets.com 4.6-RELEASE-p1 FreeBSD 4.6-RELEASE-p1 #1: Fri Jun 28 06:20:15 EDT 2002 andy@wantpackets.com:/usr/obj/usr/src/sys/WANTPACKETS i386 >Description: typing ipfw add unreach segfaults ipfw. incorrect handling of null strings. >How-To-Repeat: typing ipfw add unreach segfaults ipfw. >Fix: Patch is here: --- ipfw.c Sun Sep 1 20:13:46 2002 +++ ipfw.c-fixed Sun Sep 1 20:16:22 2002 @@ -972,6 +972,9 @@ u_long val; char *s; + if (str == '\0') + errx(EX_DATAERR, "you forgot to specify an icmp spec"); + val = strtoul(str, &s, 0); if (s != str && *s == '\0' && val < 0x100) { *codep = val; >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message