[src/trunk]: src/sys/net/npf Add missing cases, to prevent memory corruption.

[maxv <maxv%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/d2fd38c87afc
branches:  trunk
changeset: 942750:d2fd38c87afc
user:      maxv <maxv%NetBSD.org@localhost>
date:      Tue Aug 18 07:53:24 2020 +0000

description:
Add missing cases, to prevent memory corruption.

Reported-by: syzbot+f8b8a689a3560dda27f7%syzkaller.appspotmail.com@localhost

diffstat:

 sys/net/npf/npf_os.c |  14 ++++++++++----
 1 files changed, 10 insertions(+), 4 deletions(-)

diffs (37 lines):

diff -r 83a9b7484353 -r d2fd38c87afc sys/net/npf/npf_os.c
--- a/sys/net/npf/npf_os.c      Tue Aug 18 07:41:41 2020 +0000
+++ b/sys/net/npf/npf_os.c      Tue Aug 18 07:53:24 2020 +0000
@@ -33,7 +33,7 @@
 
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_os.c,v 1.18 2020/05/30 14:16:56 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_os.c,v 1.19 2020/08/18 07:53:24 maxv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "pf.h"
@@ -268,15 +268,21 @@
        case IOC_NPF_VERSION:
                *(int *)data = NPF_VERSION;
                return 0;
-
        case IOC_NPF_SWITCH:
                return npfctl_switch(data);
-
        case IOC_NPF_TABLE:
                return npfctl_table(npf, data);
-
        case IOC_NPF_STATS:
                return npf_stats_export(npf, data);
+       case IOC_NPF_LOAD:
+       case IOC_NPF_SAVE:
+       case IOC_NPF_RULE:
+       case IOC_NPF_CONN_LOOKUP:
+       case IOC_NPF_TABLE_REPLACE:
+               /* nvlist_ref_t argument, handled below */
+               break;
+       default:
+               return EINVAL;
        }
 
        error = nvlist_copyin(data, &req, NPF_IOCTL_DATA_LIMIT);