diff options
author | rwatson <rwatson@FreeBSD.org> | 2003-11-07 22:31:27 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2003-11-07 22:31:27 +0000 |
commit | 866f946f371c2b4d26a0fe2566bc63f5245ddb2e (patch) | |
tree | ae9cc8ab9b164b49b0283f8f6e0728d836778f38 /sys/security/mac | |
parent | 1c0b81ebd516504f7edb23aa8bae31bd658b90bc (diff) | |
download | FreeBSD-src-866f946f371c2b4d26a0fe2566bc63f5245ddb2e.zip FreeBSD-src-866f946f371c2b4d26a0fe2566bc63f5245ddb2e.tar.gz |
When allocation of a socket peer label fails, scrub what was
successfully initialized in the label as a socket peer label, not a
socket label. For current policy modules, this didn't make a
difference, but if a policy module had label data in the peer label
that was to be GC'd in a different way than the normal socket label,
it might have been a problem.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'sys/security/mac')
-rw-r--r-- | sys/security/mac/mac_net.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index dc83d41..308231e 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -222,7 +222,7 @@ mac_init_socket_peer_label(struct label *label, int flag) MAC_CHECK(init_socket_peer_label, label, flag); if (error) { - MAC_PERFORM(destroy_socket_label, label); + MAC_PERFORM(destroy_socket_peer_label, label); mac_destroy_label(label); } |