diff options
author | mp <mp@FreeBSD.org> | 2011-07-14 21:06:22 +0000 |
---|---|---|
committer | mp <mp@FreeBSD.org> | 2011-07-14 21:06:22 +0000 |
commit | f3103cdbe24bf5f2835ae023b75f0fd8ee46b01a (patch) | |
tree | 1b2e401b6c0305e687aac4314303e341d153ef00 /sys | |
parent | 64315b936e23818aee5ad77a4b09aa13d9b17a84 (diff) | |
download | FreeBSD-src-f3103cdbe24bf5f2835ae023b75f0fd8ee46b01a.zip FreeBSD-src-f3103cdbe24bf5f2835ae023b75f0fd8ee46b01a.tar.gz |
Clear the filter memory area before using it. Leaving it uninitialized may
leak previous kernel stack contents through a malicioius BPF filter.
PR: kern/158880
Submitted by: Guy Harris
Obtained from: OpenBSD
MFC after: 1 week
Diffstat (limited to 'sys')
-rw-r--r-- | sys/net/bpf_filter.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/net/bpf_filter.c b/sys/net/bpf_filter.c index 1bd1609..672dfaa 100644 --- a/sys/net/bpf_filter.c +++ b/sys/net/bpf_filter.c @@ -177,6 +177,8 @@ bpf_filter(const struct bpf_insn *pc, u_char *p, u_int wirelen, u_int buflen) bpf_u_int32 k; u_int32_t mem[BPF_MEMWORDS]; + bzero(mem, sizeof(mem)); + if (pc == NULL) /* * No filter means accept all. |