Merge branch 'freebsd/current/main' into hardened/current/master

47355a52 · HardenedBSD Sync Service · 1079b594 · 2e9bc9d1 · 47355a52 · 47355a52
Commit 47355a52 authored Jan 16, 2022 by HardenedBSD Sync Service
--- a/lib/libc/string/strstr.c
+++ b/lib/libc/string/strstr.c
 /*-
- * SPDX-License-Identifier: BSD-3-Clause
+ * SPDX-License-Identifier: MIT
 *
 * Copyright (c) 2005-2014 Rich Felker, et al.
 *
@@ -149,7 +149,7 @@ twoway_strstr(const unsigned char *h, const unsigned char *n)
 	for (;;) {
 		/* Update incremental end-of-haystack pointer */
 		if (z - h < l) {
-			/* Fast estimate for MIN(l,63) */
+			/* Fast estimate for MAX(l,63) */
 			size_t grow = l | 63;
 			const unsigned char *z2 = memchr(z, 0, grow);
 			if (z2) {

--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -1862,6 +1862,8 @@ pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket,
 	int			 rs_num;
 	int			 error = 0;

+	mtx_init(&rule->rpool.mtx, "pf_krule_pool", NULL, MTX_DEF);
+
 	if ((rule->return_icmp >> 8) > ICMP_MAXTYPE) {
 		error = EINVAL;
 		goto errout_unlocked;
@@ -2002,7 +2004,6 @@ pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket,
 	    rule, entries);
 	ruleset->rules[rs_num].inactive.rcount++;

-	mtx_init(&rule->rpool.mtx, "pf_krule_pool", NULL, MTX_DEF);
 	PF_RULES_WUNLOCK();

 	return (0);

--- a/tests/sys/netpfil/pf/ioctl/validation.c
+++ b/tests/sys/netpfil/pf/ioctl/validation.c
@@ -832,6 +832,44 @@ ATF_TC_CLEANUP(tag, tc)
 	COMMON_CLEANUP();
 }

+ATF_TC_WITH_CLEANUP(rpool_mtx);
+ATF_TC_HEAD(rpool_mtx, tc)
+{
+	atf_tc_set_md_var(tc, "require.user", "root");
+}
+
+ATF_TC_BODY(rpool_mtx, tc)
+{
+	struct pfioc_rule rule;
+
+	COMMON_HEAD();
+
+	memset(&rule, 0, sizeof(rule));
+
+	rule.ticket = 0;
+	rule.pool_ticket = 0;
+	rule.anchor[0] = 0;
+
+	rule.rule.return_icmp = 0;
+	bzero(&rule.rule.src, sizeof(rule.rule.src));
+	bzero(&rule.rule.dst, sizeof(rule.rule.dst));
+
+	rule.rule.ifname[0] = 0;
+	rule.rule.action = 0;
+	rule.rule.rtableid = 0;
+
+	rule.rule.tagname[0] = 0;
+	rule.rule.action = 42;
+
+	ioctl(dev, DIOCADDRULE, &rule);
+}
+
+ATF_TC_CLEANUP(rpool_mtx, tc)
+{
+	COMMON_CLEANUP();
+}
+
+
 ATF_TP_ADD_TCS(tp)
 {
 	ATF_TP_ADD_TC(tp, addtables);
@@ -854,6 +892,7 @@ ATF_TP_ADD_TCS(tp)
 	ATF_TP_ADD_TC(tp, commit);
 	ATF_TP_ADD_TC(tp, getsrcnodes);
 	ATF_TP_ADD_TC(tp, tag);
+	ATF_TP_ADD_TC(tp, rpool_mtx);

 	return (atf_no_error());
 }