Date: Sun, 17 Jul 2005 20:00:36 GMT From: Robert Watson <rwatson@FreeBSD.org> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/83622: [ patch ] add network interfaces labeling support Message-ID: <200507172000.j6HK0agS067886@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/83622; it has been noted by GNATS. From: Robert Watson <rwatson@FreeBSD.org> To: Roman Bogorodskiy <novel@FreeBSD.org> Cc: FreeBSD-gnats-submit@FreeBSD.org Subject: Re: kern/83622: [ patch ] add network interfaces labeling support Date: Sun, 17 Jul 2005 20:58:54 +0100 (BST) On Sun, 17 Jul 2005, Roman Bogorodskiy wrote: > + case SIOCGIFDESCR: > + strlcpy(ifdescrbuf, ifp->if_description, IFDESCRSIZE); > + error = copyout(ifdescrbuf, ifr->ifr_data, IFDESCRSIZE); > + break; No comment on the patch as a whole just now, but... You should bzero the buffer first, or risk leaking kernel memory (which might include sensitive information, such as passwords that were in socket buffers) to untrusted user space processes. Robert N M Watson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507172000.j6HK0agS067886>