svn commit: r224044 - head/sys/net

Mark Peek Thu, 14 Jul 2011 14:06:52 -0700

Author: mp
Date: Thu Jul 14 21:06:22 2011
New Revision: 224044
URL: http://svn.freebsd.org/changeset/base/224044


Log:
  Clear the filter memory area before using it. Leaving it uninitialized may
  leak previous kernel stack contents through a malicioius BPF filter.
  
  PR:           kern/158880
  Submitted by: Guy Harris
  Obtained from:        OpenBSD
  MFC after:    1 week

Modified:
  head/sys/net/bpf_filter.c

Modified: head/sys/net/bpf_filter.c
==============================================================================
--- head/sys/net/bpf_filter.c   Thu Jul 14 21:02:15 2011        (r224043)
+++ head/sys/net/bpf_filter.c   Thu Jul 14 21:06:22 2011        (r224044)
@@ -177,6 +177,8 @@ bpf_filter(const struct bpf_insn *pc, u_
        bpf_u_int32 k;
        u_int32_t mem[BPF_MEMWORDS];
 
+       bzero(mem, sizeof(mem));
+
        if (pc == NULL)
                /*
                 * No filter means accept all.
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r224044 - head/sys/net

Reply via email to