Date: Thu, 03 Aug 2017 13:05:57 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 221201] [pf] Prevent possible endless loop when searching for an unused nat port Message-ID: <bug-221201-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D221201 Bug ID: 221201 Summary: [pf] Prevent possible endless loop when searching for an unused nat port Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Keywords: patch, security Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: fk@fabiankeil.de Flags: mfc-stable10?, mfc-stable11? Created attachment 184989 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D184989&action= =3Dedit pf_pf_get_sport(): Prevent possible endless loop when searching for an unus= ed nat port Attached is a "port" of Alexander Bluhm's OpenBSD commit r1.60. The first chunk had to be modified because on OpenBSD the 'cut' declaration is located elsewhere. OpenBSD commit message: Use a 32 bit variable to detect integer overflow when searching for an unused nat port. Prevents a possible endless loop if high port is 65535 or low port is 0. report and analysis Jingmin Zhou; OK sashan@ visa@ Quoted from: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_lb.c Upstream report by Jingmin Zhou: https://marc.info/?l=3Dopenbsd-pf&m=3D150020133510896&w=3D2 Obtained from: OpenBSD via ElectroBSD --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-221201-8>