Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 3 Mar 2017 20:22:42 +0000 (UTC)
From:      "Andrey V. Elsukov" <ae@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r314614 - head/sys/netpfil/ipfw
Message-ID:  <201703032022.v23KMg7h062957@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: ae
Date: Fri Mar  3 20:22:42 2017
New Revision: 314614
URL: https://svnweb.freebsd.org/changeset/base/314614

Log:
  Fix matching table entry value. Use real table value instead of its index
  in valuestate array.
  
  When opcode has size equal to ipfw_insn_u32, this means that it should
  additionally match value specified in d[0] with table entry value.
  ipfw_table_lookup() returns table value index, use TARG_VAL() macro to
  convert it to its value. The actual 32-bit value stored in the tag field
  of table_value structure, where all unspecified u32 values are kept.
  
  PR:		217262
  Reviewed by:	melifaro
  MFC after:	1 week
  Sponsored by:	Yandex LLC

Modified:
  head/sys/netpfil/ipfw/ip_fw2.c

Modified: head/sys/netpfil/ipfw/ip_fw2.c
==============================================================================
--- head/sys/netpfil/ipfw/ip_fw2.c	Fri Mar  3 20:15:22 2017	(r314613)
+++ head/sys/netpfil/ipfw/ip_fw2.c	Fri Mar  3 20:22:42 2017	(r314614)
@@ -1511,8 +1511,8 @@ do {								\
 				    if (!match)
 					break;
 				    if (cmdlen == F_INSN_SIZE(ipfw_insn_u32))
-					match =
-					    ((ipfw_insn_u32 *)cmd)->d[0] == v;
+					match = ((ipfw_insn_u32 *)cmd)->d[0] ==
+					    TARG_VAL(chain, v, tag);
 				    else
 					tablearg = v;
 				} else if (is_ipv6) {
@@ -1524,7 +1524,8 @@ do {								\
 							sizeof(struct in6_addr),
 							pkey, &v);
 					if (cmdlen == F_INSN_SIZE(ipfw_insn_u32))
-						match = ((ipfw_insn_u32 *)cmd)->d[0] == v;
+						match = ((ipfw_insn_u32 *)cmd)->d[0] ==
+						    TARG_VAL(chain, v, tag);
 					if (match)
 						tablearg = v;
 				}
@@ -1536,7 +1537,8 @@ do {								\
 					match = ipfw_lookup_table_extended(chain,
 					    cmd->arg1, 0, &args->f_id, &v);
 					if (cmdlen == F_INSN_SIZE(ipfw_insn_u32))
-						match = ((ipfw_insn_u32 *)cmd)->d[0] == v;
+						match = ((ipfw_insn_u32 *)cmd)->d[0] ==
+						    TARG_VAL(chain, v, tag);
 					if (match)
 						tablearg = v;
 				}

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201703032022.v23KMg7h062957>