diff options
| author | pluknet <pluknet@FreeBSD.org> | 2013-02-06 15:18:46 +0000 |
|---|---|---|
| committer | pluknet <pluknet@FreeBSD.org> | 2013-02-06 15:18:46 +0000 |
| commit | 85b0c7ccf995a662173c813d3e6cea1b62bee356 (patch) | |
| tree | 40341961dc771fb2d2296102f48a40bd6693285c /sys | |
| parent | 7280eb0924ffd1922c50d6f2fafbd523b47c9210 (diff) | |
| download | FreeBSD-src-85b0c7ccf995a662173c813d3e6cea1b62bee356.zip FreeBSD-src-85b0c7ccf995a662173c813d3e6cea1b62bee356.tar.gz | |
Prezero the acl structure which is to be copied to usermode, to avoid
leakage of the previous content of padding and unitialized fields.
Reported by: Ilia Noskov <noskov@nic.ru>
Reviewed by: kib
MFC after: 1 week
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/kern/vfs_acl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/kern/vfs_acl.c b/sys/kern/vfs_acl.c index 6d04b04..cc8f682 100644 --- a/sys/kern/vfs_acl.c +++ b/sys/kern/vfs_acl.c @@ -247,7 +247,7 @@ vacl_get_acl(struct thread *td, struct vnode *vp, acl_type_t type, struct acl *inkernelacl; int error; - inkernelacl = acl_alloc(M_WAITOK); + inkernelacl = acl_alloc(M_WAITOK | M_ZERO); vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); #ifdef MAC error = mac_vnode_check_getacl(td->td_ucred, vp, type); |
