pf: fix incorrect anchor_call to userspace

777a4702c changed how we copy out the anchor_call string, and
incorrectly limited it to 8 (4 on 32-bit systems) bytes. Fix that so we
get the full anchor path, rather than just the first few characters.

PR:		279225
Sponsored by:	Rubicon Communications, LLC ("Netgate")
This commit is contained in:
Kristof Provost
2024-05-24 13:20:12 +02:00
parent cd2054d48b
commit 6ee3e37682
3 changed files with 9 additions and 9 deletions
+1 -1
View File
@@ -2474,7 +2474,7 @@ void pf_init_keth(struct pf_keth_ruleset *);
int pf_kanchor_setup(struct pf_krule *, int pf_kanchor_setup(struct pf_krule *,
const struct pf_kruleset *, const char *); const struct pf_kruleset *, const char *);
int pf_kanchor_copyout(const struct pf_kruleset *, int pf_kanchor_copyout(const struct pf_kruleset *,
const struct pf_krule *, char *); const struct pf_krule *, char *, size_t);
int pf_kanchor_nvcopyout(const struct pf_kruleset *, int pf_kanchor_nvcopyout(const struct pf_kruleset *,
const struct pf_krule *, nvlist_t *); const struct pf_krule *, nvlist_t *);
void pf_kanchor_remove(struct pf_krule *); void pf_kanchor_remove(struct pf_krule *);
+1 -1
View File
@@ -982,7 +982,7 @@ pf_handle_getrule(struct nlmsghdr *hdr, struct nl_pstate *npt)
nlattr_add_u64(nw, PF_RT_STATES_TOTAL, counter_u64_fetch(rule->states_tot)); nlattr_add_u64(nw, PF_RT_STATES_TOTAL, counter_u64_fetch(rule->states_tot));
nlattr_add_u64(nw, PF_RT_SRC_NODES, counter_u64_fetch(rule->src_nodes)); nlattr_add_u64(nw, PF_RT_SRC_NODES, counter_u64_fetch(rule->src_nodes));
error = pf_kanchor_copyout(ruleset, rule, anchor_call); error = pf_kanchor_copyout(ruleset, rule, anchor_call, sizeof(anchor_call));
MPASS(error == 0); MPASS(error == 0);
nlattr_add_string(nw, PF_RT_ANCHOR_CALL, anchor_call); nlattr_add_string(nw, PF_RT_ANCHOR_CALL, anchor_call);
+7 -7
View File
@@ -368,16 +368,16 @@ pf_kanchor_setup(struct pf_krule *r, const struct pf_kruleset *s,
int int
pf_kanchor_copyout(const struct pf_kruleset *rs, const struct pf_krule *r, pf_kanchor_copyout(const struct pf_kruleset *rs, const struct pf_krule *r,
char *anchor_call) char *anchor_call, size_t anchor_call_len)
{ {
anchor_call[0] = 0; anchor_call[0] = 0;
if (r->anchor == NULL) if (r->anchor == NULL)
goto done; goto done;
if (!r->anchor_relative) { if (!r->anchor_relative) {
strlcpy(anchor_call, "/", sizeof(anchor_call)); strlcpy(anchor_call, "/", anchor_call_len);
strlcat(anchor_call, r->anchor->path, strlcat(anchor_call, r->anchor->path,
sizeof(anchor_call)); anchor_call_len);
} else { } else {
char a[MAXPATHLEN]; char a[MAXPATHLEN];
char *p; char *p;
@@ -391,7 +391,7 @@ pf_kanchor_copyout(const struct pf_kruleset *rs, const struct pf_krule *r,
p = a; p = a;
*p = 0; *p = 0;
strlcat(anchor_call, "../", strlcat(anchor_call, "../",
sizeof(anchor_call)); anchor_call_len);
} }
if (strncmp(a, r->anchor->path, strlen(a))) { if (strncmp(a, r->anchor->path, strlen(a))) {
printf("pf_anchor_copyout: '%s' '%s'\n", a, printf("pf_anchor_copyout: '%s' '%s'\n", a,
@@ -400,12 +400,12 @@ pf_kanchor_copyout(const struct pf_kruleset *rs, const struct pf_krule *r,
} }
if (strlen(r->anchor->path) > strlen(a)) if (strlen(r->anchor->path) > strlen(a))
strlcat(anchor_call, r->anchor->path + (a[0] ? strlcat(anchor_call, r->anchor->path + (a[0] ?
strlen(a) + 1 : 0), sizeof(anchor_call)); strlen(a) + 1 : 0), anchor_call_len);
} }
if (r->anchor_wildcard) if (r->anchor_wildcard)
strlcat(anchor_call, anchor_call[0] ? "/*" : "*", strlcat(anchor_call, anchor_call[0] ? "/*" : "*",
sizeof(anchor_call)); anchor_call_len);
done: done:
@@ -419,7 +419,7 @@ pf_kanchor_nvcopyout(const struct pf_kruleset *rs, const struct pf_krule *r,
char anchor_call[MAXPATHLEN] = { 0 }; char anchor_call[MAXPATHLEN] = { 0 };
int ret; int ret;
ret = pf_kanchor_copyout(rs, r, anchor_call); ret = pf_kanchor_copyout(rs, r, anchor_call, sizeof(anchor_call));
MPASS(ret == 0); MPASS(ret == 0);
nvlist_add_string(nvl, "anchor_call", anchor_call); nvlist_add_string(nvl, "anchor_call", anchor_call);