svn commit: r214108 - stable/8/sys/netinet/ipfw

Maxim Konovalov maxim at FreeBSD.org
Wed Oct 20 12:38:05 UTC 2010 

Author: maxim
Date: Wed Oct 20 12:38:05 2010
New Revision: 214108
URL: http://svn.freebsd.org/changeset/base/214108

Log:
  MFC r211992: some programs could send broadcast/multicast traffic to
  ipfw pseudo-interface.  This leads to a panic due to uninitialized
  if_broadcastaddr address.  Initialize it and implement ip_output()
  method to prevent mbuf leak later.

Modified:
  stable/8/sys/netinet/ipfw/ip_fw_log.c
Directory Properties:
  stable/8/sys/   (props changed)
  stable/8/sys/amd64/include/xen/   (props changed)
  stable/8/sys/cddl/contrib/opensolaris/   (props changed)
  stable/8/sys/contrib/dev/acpica/   (props changed)
  stable/8/sys/contrib/pf/   (props changed)
  stable/8/sys/dev/xen/xenpci/   (props changed)

Modified: stable/8/sys/netinet/ipfw/ip_fw_log.c
==============================================================================
--- stable/8/sys/netinet/ipfw/ip_fw_log.c	Wed Oct 20 09:50:11 2010	(r214107)
+++ stable/8/sys/netinet/ipfw/ip_fw_log.c	Wed Oct 20 12:38:05 2010	(r214108)
@@ -103,6 +103,24 @@ log_dummy(struct ifnet *ifp, u_long cmd,
 	return EINVAL;
 }
 
+static int
+ipfw_log_output(struct ifnet *ifp, struct mbuf *m,
+	struct sockaddr *dst, struct route *ro)
+{
+	if (m != NULL)
+		m_freem(m);
+	return EINVAL;
+}
+
+static void
+ipfw_log_start(struct ifnet* ifp)
+{
+	panic("ipfw_log_start() must not be called");
+}
+
+static const u_char ipfwbroadcastaddr[6] =
+	{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+
 void
 ipfw_log_bpf(int onoff)
 {
@@ -119,11 +137,12 @@ ipfw_log_bpf(int onoff)
 		ifp->if_flags = IFF_UP | IFF_SIMPLEX | IFF_MULTICAST;
 		ifp->if_init = (void *)log_dummy;
 		ifp->if_ioctl = log_dummy;
-		ifp->if_start = (void *)log_dummy;
-		ifp->if_output = (void *)log_dummy;
+		ifp->if_start = ipfw_log_start;
+		ifp->if_output = ipfw_log_output;
 		ifp->if_addrlen = 6;
 		ifp->if_hdrlen = 14;
 		if_attach(ifp);
+		ifp->if_broadcastaddr = ipfwbroadcastaddr;
 		ifp->if_baudrate = IF_Mbps(10);
 		bpfattach(ifp, DLT_EN10MB, 14);
 		log_if = ifp;

More information about the svn-src-all mailing list