diff mbox

[OpenWrt-Devel] firewall3: Immediate continue when no source is specified as it is used later on (seg fault)

Message ID 1421148459-7260-1-git-send-email-kim.demey@gmail.com
State Superseded
Headers show

Commit Message

Kim De Mey Jan. 13, 2015, 11:27 a.m. UTC 
A segmentation fault is currently possible when redir->_src is null and later
the check on redir->_src->masq is done in the line:
if (redir->reflection && redir->_dest && redir->_src->masq)

Proposed fix: continue immediately when redir->_src is null.
---
 redirects.c |    4 ++++
 1 file changed, 4 insertions(+)

Comments

Jo-Philipp Wich Jan. 13, 2015, 11:49 a.m. UTC | #1 
Hi,

thank you for the patch.

Since there already is a generic free further down I decided to move the
offending code blocks into the else clause wich sets valid = true, see
http://nbd.name/gitweb.cgi?p=firewall3.git;a=commit;h=adf87f3a36328b949ed777068b14d975b429f9ad

~ Jow
Kim De Mey Jan. 13, 2015, 2:11 p.m. UTC | #2 
On 13 January 2015 at 12:49, Jo-Philipp Wich <jow@openwrt.org> wrote:
> Hi,
>
> thank you for the patch.
>
> Since there already is a generic free further down I decided to move the
> offending code blocks into the else clause wich sets valid = true, see
> http://nbd.name/gitweb.cgi?p=firewall3.git;a=commit;h=adf87f3a36328b949ed777068b14d975b429f9ad
>
> ~ Jow

Hello,

That looks like a cleaner way to fix it indeed. Thanks!

Kim
diff mbox

Patch

diff --git a/redirects.c b/redirects.c
index a30c540..c627607 100644
--- a/redirects.c
+++ b/redirects.c
@@ -306,7 +306,11 @@  fw3_load_redirects(struct fw3_state *state, struct uci_package *p)
 			if (redir->src.any)
 				warn_elem(e, "must not have source '*' for DNAT target");
 			else if (!redir->_src)
+			{
 				warn_elem(e, "has no source specified");
+				fw3_free_redirect(redir);
+				continue;
+			}
 			else
 			{
 				set(redir->_src->flags, FW3_FAMILY_V4, redir->target);