Date:      Sat, 14 Mar 2009 20:40:06 +0000 (UTC)
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r189830 - head/sys/security/mac_portacl
Message-ID:  <200903142040.n2EKe60h007627@svn.freebsd.org>

Author: pjd
Date: Sat Mar 14 20:40:06 2009
New Revision: 189830
URL: http://svn.freebsd.org/changeset/base/189830

Log:
  - Correct logic in if statement - we want to allocate temporary buffer
    when someone is passing new rules, not when he only wants to read them.
    Because of this bug, even if the given rules were incorrect, they
    ended up in rule_string.
  - Add missing protection for rule_string when copying it.
  
  Reviewed by:	rwatson
  MFC after:	1 week

Modified:
  head/sys/security/mac_portacl/mac_portacl.c

Modified: head/sys/security/mac_portacl/mac_portacl.c
==============================================================================
--- head/sys/security/mac_portacl/mac_portacl.c	Sat Mar 14 20:16:54 2009	(r189829)
+++ head/sys/security/mac_portacl/mac_portacl.c	Sat Mar 14 20:40:06 2009	(r189830)
@@ -341,10 +341,12 @@ sysctl_rules(SYSCTL_HANDLER_ARGS)
 	int error;
 
 	new_string = NULL;
-	if (req->newptr == NULL) {
+	if (req->newptr != NULL) {
 		new_string = malloc(MAC_RULE_STRING_LEN, M_PORTACL,
 		    M_WAITOK | M_ZERO);
+		mtx_lock(&rule_mtx);
 		strcpy(new_string, rule_string);
+		mtx_unlock(&rule_mtx);
 		string = new_string;
 	} else
 		string = rule_string;
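
Review bot: In the else branch, string = rule_string still exposes the shared buffer without rule_mtx, while the new-rules branch now takes the lock for its copy. If the rest of the handler (not visible in this hunk) reads through string on the read-only path, that read can race with a concurrent update, so either take rule_mtx around that access or snapshot rule_string under the lock in both branches. Separately, the copy into new_string uses strcpy into a buffer of MAC_RULE_STRING_LEN bytes; strlcpy(new_string, rule_string, MAC_RULE_STRING_LEN) would make the bound explicit instead of relying on rule_string always being terminated within that length. Doing the M_WAITOK allocation before mtx_lock is the right order and should stay that way.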


