diff options
Diffstat (limited to 'freebsd/sys/netpfil/ipfw/ip_fw_sockopt.c')
-rw-r--r-- | freebsd/sys/netpfil/ipfw/ip_fw_sockopt.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/freebsd/sys/netpfil/ipfw/ip_fw_sockopt.c b/freebsd/sys/netpfil/ipfw/ip_fw_sockopt.c index 40448a86..95cd8c81 100644 --- a/freebsd/sys/netpfil/ipfw/ip_fw_sockopt.c +++ b/freebsd/sys/netpfil/ipfw/ip_fw_sockopt.c @@ -161,7 +161,7 @@ ipfw_add_rule(struct ip_fw_chain *chain, struct ip_fw *input_rule) int i, l, insert_before; struct ip_fw **map; /* the new array of pointers */ - if (chain->rules == NULL || input_rule->rulenum > IPFW_DEFAULT_RULE-1) + if (chain->map == NULL || input_rule->rulenum > IPFW_DEFAULT_RULE - 1) return (EINVAL); l = RULESIZE(input_rule); @@ -657,7 +657,7 @@ check_ipfw_struct(struct ip_fw *rule, int size) case O_IP_SRC_LOOKUP: case O_IP_DST_LOOKUP: - if (cmd->arg1 >= IPFW_TABLES_MAX) { + if (cmd->arg1 >= V_fw_tables_max) { printf("ipfw: invalid table number %d\n", cmd->arg1); return (EINVAL); @@ -1045,8 +1045,10 @@ ipfw_ctl(struct sockopt *sopt) if (sopt->sopt_valsize == RULESIZE7(rule)) { is7 = 1; error = convert_rule_to_8(rule); - if (error) + if (error) { + free(rule, M_TEMP); return error; + } if (error == 0) error = check_ipfw_struct(rule, RULESIZE(rule)); } else { @@ -1062,11 +1064,13 @@ ipfw_ctl(struct sockopt *sopt) if (is7) { error = convert_rule_to_7(rule); size = RULESIZE7(rule); - if (error) + if (error) { + free(rule, M_TEMP); return error; + } } error = sooptcopyout(sopt, rule, size); - } + } } free(rule, M_TEMP); break; |