upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-09 08:43:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

pfctl: fix crash on "pfctl -a '*' -vvsr"

Browse source 
When printing a nat anchor we don't have rule information, or rule
counters. Do not attempt to print them. The information is nonsensical
anyway, and this can cause a crash converting the timestamp to a string,
as years in the very distant future use more digits, and we exceed the
30 byte buffer allocated for this.

MFC after:	2 weeks
Sponsored by:	Orange Business Services
This commit is contained in:
Kristof Provost 2025-04-14 18:41:00 +02:00
parent 0164dc9851
commit 168d873ae4
1 changed files with 0 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
sbin/pfctl/pfctl.c
View file

@ -1490,7 +1490,6 @@ pfctl_show_nat(int dev, const char *path, int opts, char *anchorname, int depth,
errc(1, ret, "DIOCGETRULESETS");
}
pfctl_print_rule_counters(&rule, opts);
for (nr = 0; nr < mnr; ++nr) {
if ((ret = pfctl_get_ruleset(pfh, npath, nr, &prs)) != 0)
errc(1, ret, "DIOCGETRULESET");