From 705746618befcb043232cb6bc8fb61708da3974e Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Fri, 22 Oct 2004 11:08:52 +0000
Subject: In the MAC label zone destructor, assert that the label is only
 destroyed in an initialized state.

---
 sys/security/mac/mac_label.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'sys/security/mac/mac_label.c')

diff --git a/sys/security/mac/mac_label.c b/sys/security/mac/mac_label.c
index 19bd5b0..f6d92ef 100644
--- a/sys/security/mac/mac_label.c
+++ b/sys/security/mac/mac_label.c
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2003 Networks Associates Technology, Inc.
+ * Copyright (c) 2003-2004 Networks Associates Technology, Inc.
  * All rights reserved.
  *
  * This software was developed for the FreeBSD Project in part by Network
@@ -76,6 +76,8 @@ mac_labelzone_dtor(void *mem, int size, void *arg)
 
 	KASSERT(size == sizeof(*label), ("mac_labelzone_dtor: wrong size\n"));
 	label = mem;
+	KASSERT(label->l_flags & MAC_FLAG_INITIALIZED,
+	    ("mac_labelzone_dtor: label not initialized"));
 #ifdef DIAGNOSTIC
 	bzero(label, sizeof(*label));
 #else
-- 
cgit v1.1