Module Name: src
Committed By: drochner
Date: Wed Jan 19 19:58:02 UTC 2011
Modified Files:
src/sys/dist/pf/net: pf_ioctl.c
Log Message:
make sure the "overload_tbl" member of "struct pf_rule" copied in
from userland is initialized (it is used by the kernel only)
fixes crash or data injection (CVE-2010-3830), usually by root user only
OpenBSD has rewritten the code to start with a zero'd struct and fills
in needed parts only - to be considered in case a newer pf version
is imported.
To generate a diff of this commit:
cvs rdiff -u -r1.42 -r1.43 src/sys/dist/pf/net/pf_ioctl.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
