aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKristof Provost <kp@FreeBSD.org>2025-01-09 13:31:22 +0000
committerKristof Provost <kp@FreeBSD.org>2025-01-14 08:54:20 +0000
commitd90854a60a919fc574d1786486f85394f53ce2dd (patch)
treee1da53025995c13f73703637f0bae29c88fe52b6
parent3b79f6d2d39405bcac395dc036ceb6f8fd09ce99 (diff)
pf: reset index if it's outside the table
when table content changes we need to reset index to the initial value and do not use the counter; reported by Sebastian Benoit and Daniel Krambrock, tested by Sebastian Benoit, ok henning zinke Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, dba347c9d1 Sponsored by: Rubicon Communications, LLC ("Netgate")
-rw-r--r--sys/netpfil/pf/pf_table.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/netpfil/pf/pf_table.c b/sys/netpfil/pf/pf_table.c
index 35c9bd4ab655..03efa0b738da 100644
--- a/sys/netpfil/pf/pf_table.c
+++ b/sys/netpfil/pf/pf_table.c
@@ -2269,10 +2269,10 @@ pfr_pool_get(struct pfr_ktable *kt, int *pidx, struct pf_addr *counter,
return (-1);
idx = *pidx;
- if (idx >= 0)
- use_counter = 1;
- if (idx < 0)
+ if (idx < 0 || idx >= kt->pfrkt_cnt)
idx = 0;
+ else if (counter != NULL)
+ use_counter = 1;
startidx = idx;
_next_block: