From owner-freebsd-bugs@FreeBSD.ORG Sun Jul 17 20:00:36 2005 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 78DF916A41C for ; Sun, 17 Jul 2005 20:00:36 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4DF5743D45 for ; Sun, 17 Jul 2005 20:00:36 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j6HK0aNX067887 for ; Sun, 17 Jul 2005 20:00:36 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j6HK0agS067886; Sun, 17 Jul 2005 20:00:36 GMT (envelope-from gnats) Date: Sun, 17 Jul 2005 20:00:36 GMT Message-Id: <200507172000.j6HK0agS067886@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: Robert Watson Cc: Subject: Re: kern/83622: [ patch ] add network interfaces labeling support X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Robert Watson List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jul 2005 20:00:36 -0000 The following reply was made to PR kern/83622; it has been noted by GNATS. From: Robert Watson To: Roman Bogorodskiy Cc: FreeBSD-gnats-submit@FreeBSD.org Subject: Re: kern/83622: [ patch ] add network interfaces labeling support Date: Sun, 17 Jul 2005 20:58:54 +0100 (BST) On Sun, 17 Jul 2005, Roman Bogorodskiy wrote: > + case SIOCGIFDESCR: > + strlcpy(ifdescrbuf, ifp->if_description, IFDESCRSIZE); > + error = copyout(ifdescrbuf, ifr->ifr_data, IFDESCRSIZE); > + break; No comment on the patch as a whole just now, but... You should bzero the buffer first, or risk leaking kernel memory (which might include sensitive information, such as passwords that were in socket buffers) to untrusted user space processes. Robert N M Watson