tweak the pflog ifname filter to include the terminating nul.

without this the code effectively just compares the start of the
string, which means you can get a prefix match unexpectedly. including
the nul in the comparison means it only works for whole interface
names, as it was originally intended.

reported by Aner Perez on misc@
ok deraadt@ (who also dug through the history behind this)

diff --git a/lib/libpcap/gencode.c b/lib/libpcap/gencode.c
index d15f174..572e48d 100644 (file)
--- a/lib/libpcap/gencode.c
+++ b/lib/libpcap/gencode.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: gencode.c,v 1.60 2022/02/13 20:02:30 otto Exp $       */
+/*     $OpenBSD: gencode.c,v 1.61 2022/03/28 02:58:06 dlg Exp $        */
 
 /*
  * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998
@@ -3230,7 +3230,7 @@ gen_pf_ifname(char *ifname)
                    len - 1);
                /* NOTREACHED */
        }
-       b0 = gen_bcmp(off, strlen(ifname), ifname);
+       b0 = gen_bcmp(off, strlen(ifname) + 1, ifname);
        return (b0);
 }