- Correct logic in if statement - we want to allocate temporary buffer

when someone is passing new rules, not when he only want to read them. Because of this bug, even if the given rules were incorrect, they ended up in rule_string. - Add missing protection for rule_string when coping it. Reviewed by: rwatson MFC after: 1 week
author: pjd <pjd@FreeBSD.org> 2009-03-14 20:40:06 +0000
committer: pjd <pjd@FreeBSD.org> 2009-03-14 20:40:06 +0000
commit: b67aabcdf8d580b9ac413394217e14f8fa1760b6 (patch)
tree: fe0d2395d13c8216fd09352f7797c6411ee100c2 /sys/security/mac_portacl
parent: 58fce43140bb8d3abacea316b6eb11295e7bf210 (diff)
download: FreeBSD-src-b67aabcdf8d580b9ac413394217e14f8fa1760b6.zip
FreeBSD-src-b67aabcdf8d580b9ac413394217e14f8fa1760b6.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c
index aceda69..f54319a 100644
--- a/sys/security/mac_portacl/mac_portacl.c
+++ b/sys/security/mac_portacl/mac_portacl.c
@@ -341,10 +341,12 @@ sysctl_rules(SYSCTL_HANDLER_ARGS)
 	int error;
 
 	new_string = NULL;
-	if (req->newptr == NULL) {
+	if (req->newptr != NULL) {
 		new_string = malloc(MAC_RULE_STRING_LEN, M_PORTACL,
 		    M_WAITOK | M_ZERO);
+		mtx_lock(&rule_mtx);
 		strcpy(new_string, rule_string);
+		mtx_unlock(&rule_mtx);
 		string = new_string;
 	} else
 		string = rule_string;
author	pjd <pjd@FreeBSD.org>	2009-03-14 20:40:06 +0000
committer	pjd <pjd@FreeBSD.org>	2009-03-14 20:40:06 +0000
commit	b67aabcdf8d580b9ac413394217e14f8fa1760b6 (patch)
tree	fe0d2395d13c8216fd09352f7797c6411ee100c2 /sys/security/mac_portacl
parent	58fce43140bb8d3abacea316b6eb11295e7bf210 (diff)
download	FreeBSD-src-b67aabcdf8d580b9ac413394217e14f8fa1760b6.zip FreeBSD-src-b67aabcdf8d580b9ac413394217e14f8fa1760b6.tar.gz