Author: cy
Date: Wed Jan 30 20:22:33 2019
New Revision: 343590
URL: https://svnweb.freebsd.org/changeset/base/343590

Log:
  When copying a NAT rule struct to userland for save by ipfs, use the length of the struct in memmove() rather than an uninitialized variable. This fixes the first of two kernel page faults when ipfs is invoked.

  PR: 235110
  Reported by: david.boy...@twc.com
  MFC after: 2 weeks

Modified:
  head/sys/contrib/ipfilter/netinet/ip_nat.c

Modified: head/sys/contrib/ipfilter/netinet/ip_nat.c ============================================================================== --- head/sys/contrib/ipfilter/netinet/ip_nat.c Wed Jan 30 19:19:14 2019 (r343589) +++ head/sys/contrib/ipfilter/netinet/ip_nat.c Wed Jan 30 20:22:33 2019 (r343590) @@ -1866,7 +1866,7 @@ ipf_nat_getent(softc, data, getlock) */ if (nat->nat_ptr != NULL) bcopy((char *)nat->nat_ptr, (char *)&ipn->ipn_ipnat, - ipn->ipn_ipnat.in_size); + sizeof(nat->nat_ptr));  /* * If we also know the NAT entry has an associated filter rule,
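
Review bot: The new length argument on the `+` line, `sizeof(nat->nat_ptr)`, is the size of a pointer, not of the struct it points to. `nat->nat_ptr` is tested against NULL and cast to `(char *)` in the same statement, so this bcopy() now moves only a pointer's worth of bytes (4 or 8) into `ipn->ipn_ipnat`, and the rest of the rule handed to userland for ipfs is whatever the destination buffer already held. That removes the read of `ipn->ipn_ipnat.in_size` from a destination that has not been filled in yet, but it does not match the log message's "length of the struct", and a truncated copy leaves the saved rule incomplete. Suggest `sizeof(*nat->nat_ptr)` or `sizeof(ipn->ipn_ipnat)` for a fixed-size copy. If the rule can be longer than the base struct (the `in_size` field suggests it might be), take the length from the source, `nat->nat_ptr->in_size`, and check it against the space available at `&ipn->ipn_ipnat` before copying. A short comment above the bcopy() saying which length is intended would help the next reader, and the log says memmove() where the code calls bcopy().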