[src/netbsd-2-0]: src/sys/netinet Pullup patch (requested by darrenr in ticke...

[jmc <jmc%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/a2039fca60a9
branches:  netbsd-2-0
changeset: 562786:a2039fca60a9
user:      jmc <jmc%NetBSD.org@localhost>
date:      Fri Nov 12 04:40:32 2004 +0000

description:
Pullup patch (requested by darrenr in ticket #910)

Fix for previous revision was incorrect. it checks for FI_OOW regardless of what
type of data is stored in the rule (only a valid check for FR_T_IPF rules.)

diffstat:

 sys/netinet/fil.c |  24 ++++++++++++------------
 1 files changed, 12 insertions(+), 12 deletions(-)

diffs (53 lines):

diff -r cf7dff10fd2b -r a2039fca60a9 sys/netinet/fil.c
--- a/sys/netinet/fil.c Wed Oct 13 05:48:45 2004 +0000
+++ b/sys/netinet/fil.c Fri Nov 12 04:40:32 2004 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: fil.c,v 1.61.2.8 2004/10/04 06:04:25 jmc Exp $ */
+/*     $NetBSD: fil.c,v 1.61.2.9 2004/11/12 04:40:32 jmc Exp $ */
 
 /*
  * Copyright (C) 1993-2003 by Darren Reed.
@@ -135,7 +135,7 @@
 #if !defined(lint)
 #if defined(__NetBSD__)
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: fil.c,v 1.61.2.8 2004/10/04 06:04:25 jmc Exp $");
+__KERNEL_RCSID(0, "$NetBSD: fil.c,v 1.61.2.9 2004/11/12 04:40:32 jmc Exp $");
 #else
 static const char sccsid[] = "@(#)fil.c        1.36 6/5/96 (C) 1993-2000 Darren Reed";
 static const char rcsid[] = "@(#)Id: fil.c,v 2.243.2.25 2004/06/30 11:26:08 darrenr Exp";
@@ -4008,15 +4008,6 @@
        }
 
        /*
-        * Allowing a rule with both "keep state" and "with oow" is
-        * pointless because adding a state entry to the table will
-        * fail with the out of window (oow) flag set.
-        */
-       if ((fp->fr_flags & FR_KEEPSTATE)
-           && fp->fr_dun.fru_ipf != NULL && (fp->fr_flx & FI_OOW))
-               return EINVAL;
-
-       /*
         * If the rule is being loaded from user space, i.e. we had to copy it
         * into kernel space, then do not trust the function pointer in the
         * rule.
@@ -4126,8 +4117,17 @@
                break;
 #endif
        case FR_T_IPF :
-               if (fp->fr_dsize == 0)
+               if (fp->fr_dsize != sizeof(fripf_t))
                        return EINVAL;
+
+               /*
+                * Allowing a rule with both "keep state" and "with oow" is
+                * pointless because adding a state entry to the table will
+                * fail with the out of window (oow) flag set.
+                */
+               if ((fp->fr_flags & FR_KEEPSTATE) && (fp->fr_flx & FI_OOW))
+                       return EINVAL;
+
                switch (fp->fr_satype)
                {
                case FRI_BROADCAST :