Validate pfra_type after copyin before using it to index an array
Don't trust the value of pfra_type blindly since it's coming from
userland and sanitize it in pfr_validate_addr that is called after
every copyin and also perform the check in pfr_create_kentry before
we attempt to use the value not after.
Coverity CID 1452909, 1453097, 1453384; Severity: Minor
It can be triggered only by root by default or anyone with write
access to /dev/pf if such access is provided.
ok visa, bcook, sashan, jsg
UnifiedSplitRaw