Author: maxim
Date: Mon Aug 30 09:29:51 2010
New Revision: 211992
URL: http://svn.freebsd.org/changeset/base/211992
Log:
o Some programs could send broadcast/multicast traffic to ipfw
pseudo-interface. This leads to a panic due to uninitialized
if_broadcastaddr address. Initialize it and implement ip_output()
method to prevent mbuf leak later.
ipfw pseudo-interface should never send anything therefore call
panic(9) in if_start() method.
PR: kern/149807
Submitted by: Dmitrij Tejblum
MFC after: 2 weeks
Modified:
head/sys/netinet/ipfw/ip_fw_log.c
Modified: head/sys/netinet/ipfw/ip_fw_log.c
==============================================================================
--- head/sys/netinet/ipfw/ip_fw_log.c Mon Aug 30 08:23:22 2010
(r211991)
+++ head/sys/netinet/ipfw/ip_fw_log.c Mon Aug 30 09:29:51 2010
(r211992)
@@ -103,6 +103,24 @@ log_dummy(struct ifnet *ifp, u_long cmd,
return EINVAL;
}
+static int
+ipfw_log_output(struct ifnet *ifp, struct mbuf *m,
+ struct sockaddr *dst, struct route *ro)
+{
+ if (m != NULL)
+ m_freem(m);
+ return EINVAL;
+}
+
+static void
+ipfw_log_start(struct ifnet* ifp)
+{
+ panic("ipfw_log_start() must not be called");
+}
+
+static const u_char ipfwbroadcastaddr[6] =
+ { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+
void
ipfw_log_bpf(int onoff)
{
@@ -119,11 +137,12 @@ ipfw_log_bpf(int onoff)
ifp->if_flags = IFF_UP | IFF_SIMPLEX | IFF_MULTICAST;
ifp->if_init = (void *)log_dummy;
ifp->if_ioctl = log_dummy;
- ifp->if_start = (void *)log_dummy;
- ifp->if_output = (void *)log_dummy;
+ ifp->if_start = ipfw_log_start;
+ ifp->if_output = ipfw_log_output;
ifp->if_addrlen = 6;
ifp->if_hdrlen = 14;
if_attach(ifp);
+ ifp->if_broadcastaddr = ipfwbroadcastaddr;
ifp->if_baudrate = IF_Mbps(10);
bpfattach(ifp, DLT_EN10MB, 14);
log_if = ifp;
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
