pfctl: ifa_load() in pfctl_parser.c may attempt to read beyond the buffer.

The current ifa_load() is not paranoid enough when it deals with
information which comes from kernel. The function just ignores
sa_len member in socket address returned getifaddrs().

The issue has been reported by anton@. The idea for fix here comes
fromy claudio@.

OK @claudio, @deraadt

Obtained from:	OpenBSD, sashan <sashan@openbsd.org>, a48d060175
Sponsored by:	Rubicon Communications, LLC ("Netgate")

0 files changed, 0 insertions, 0 deletions