diff options
| author | rwatson <rwatson@FreeBSD.org> | 2006-12-20 20:40:29 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2006-12-20 20:40:29 +0000 |
| commit | 8fb47d67d7fc598b676a1f2b7e18d3e15914c6fc (patch) | |
| tree | 2bff8b573f53f86d6b5de9b7813415da4cd76d64 | |
| parent | 5749ecccbad7d20ee173362e23264494b4a382c4 (diff) | |
| download | FreeBSD-src-8fb47d67d7fc598b676a1f2b7e18d3e15914c6fc.zip FreeBSD-src-8fb47d67d7fc598b676a1f2b7e18d3e15914c6fc.tar.gz | |
Externalize local stack copy of the ifnet label, rather than the copy on
the ifnet itself. The stack copy has been made while holding the mutex
protecting ifnet labels, so copying from the ifnet copy could result in
an inconsistent version being copied out.
Reported by: Todd.Miller@sparta.com
Obtained from: TrustedBSD Project
MFC after: 3 weeks
| -rw-r--r-- | sys/security/mac/mac_net.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index 7279dc8..11cb92d 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -426,8 +426,8 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr, MAC_IFNET_LOCK(ifnet); mac_copy_ifnet_label(ifnet->if_label, intlabel); MAC_IFNET_UNLOCK(ifnet); - error = mac_externalize_ifnet_label(ifnet->if_label, elements, - buffer, mac.m_buflen); + error = mac_externalize_ifnet_label(intlabel, elements, buffer, + mac.m_buflen); mac_ifnet_label_free(intlabel); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); |
