diff options
| author | alfred <alfred@FreeBSD.org> | 2001-05-17 17:59:28 +0000 |
|---|---|---|
| committer | alfred <alfred@FreeBSD.org> | 2001-05-17 17:59:28 +0000 |
| commit | 37f8fb3daa0173a1ecf06ddd072ff203c6b0f18a (patch) | |
| tree | a0d58bdbce4deeecf665d2a3153a490693a5952f /sys | |
| parent | 1db06aeffade6be194b6032ad5e81ae0f9450687 (diff) | |
| download | FreeBSD-src-37f8fb3daa0173a1ecf06ddd072ff203c6b0f18a.zip FreeBSD-src-37f8fb3daa0173a1ecf06ddd072ff203c6b0f18a.tar.gz | |
pipe_create has to zero out the select record earlier to avoid
returning a half-initialized pipe and causing pipeclose() to follow
a junk pointer.
Discovered by: "Nick S" <snicko@noid.org>
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/kern/sys_pipe.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/kern/sys_pipe.c b/sys/kern/sys_pipe.c index 238ace1..aff3347 100644 --- a/sys/kern/sys_pipe.c +++ b/sys/kern/sys_pipe.c @@ -306,6 +306,7 @@ pipe_create(cpipep) * protect so pipeclose() doesn't follow a junk pointer * if pipespace() fails. */ + bzero(&cpipe->pipe_sel, sizeof(cpipe->pipe_sel)); cpipe->pipe_state = 0; cpipe->pipe_peer = NULL; cpipe->pipe_busy = 0; @@ -329,7 +330,6 @@ pipe_create(cpipep) vfs_timestamp(&cpipe->pipe_ctime); cpipe->pipe_atime = cpipe->pipe_ctime; cpipe->pipe_mtime = cpipe->pipe_ctime; - bzero(&cpipe->pipe_sel, sizeof cpipe->pipe_sel); return (0); } |
