[Bug 260958] pfctl: expand_rule: strlcpy
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 260958] pfctl: expand_rule: strlcpy"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 260958] pfctl: expand_rule: strlcpy"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 260958] pfctl: expand_rule: strlcpy"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 260958] pfctl: expand_rule: strlcpy"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 260958] pfctl: expand_rule: strlcpy"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 260958] pfctl: expand_rule: strlcpy"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 05 Jan 2022 18:19:33 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260958
Bug ID: 260958
Summary: pfctl: expand_rule: strlcpy
Product: Base System
Version: 13.0-STABLE
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: kern
Assignee: bugs@FreeBSD.org
Reporter: thomas@gibfest.dk
Hello :)
A fun bug where a long-ish ipv6 address used in a reply-to in a pf ruleset
results in pfctl being unable to parse the ruleset.
The issue boiled down to a one line ruleset, one with a 16 byte address (which
fails) and the other with a 15 byte address (which works).
[tykling@nuc1 ~]$ cat trigger
pass in reply-to { 2001:DB8:1234::5 }
[tykling@nuc1 ~]$ pfctl -nf trigger
pfctl: expand_rule: strlcpy
[tykling@nuc1 ~]$ echo $?
1
[tykling@nuc1 ~]$ cat notrigger
pass in reply-to { 2001:DB8:1234:: }
[tykling@nuc1 ~]$ pfctl -nf notrigger
[tykling@nuc1 ~]$ echo $?
0
[tykling@nuc1 ~]$ uname -a
FreeBSD nuc1.servers.bornhack.org 13.0-STABLE FreeBSD 13.0-STABLE #1
stable/13-d208638c5: Wed Jan 5 13:32:08 UTC 2022
root@nuc1.servers.bornhack.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64
[tykling@nuc1 ~]$
We first observed this on 12.2-STABLE a while back but I didn't get around to
reporting it until now, so I've just confirmed it is still an issue on a fresh
13-STABLE.
Thanks! :)
--
You are receiving this mail because:
You are the assignee for the bug.