svn commit: r224044 - head/sys/net
Mark Peek
mp at FreeBSD.org
Thu Jul 14 21:06:23 UTC 2011
Author: mp
Date: Thu Jul 14 21:06:22 2011
New Revision: 224044
URL: http://svn.freebsd.org/changeset/base/224044
Log:
Clear the filter memory area before using it. Leaving it uninitialized may
leak previous kernel stack contents through a malicioius BPF filter.
PR: kern/158880
Submitted by: Guy Harris
Obtained from: OpenBSD
MFC after: 1 week
Modified:
head/sys/net/bpf_filter.c
Modified: head/sys/net/bpf_filter.c
==============================================================================
--- head/sys/net/bpf_filter.c Thu Jul 14 21:02:15 2011 (r224043)
+++ head/sys/net/bpf_filter.c Thu Jul 14 21:06:22 2011 (r224044)
@@ -177,6 +177,8 @@ bpf_filter(const struct bpf_insn *pc, u_
bpf_u_int32 k;
u_int32_t mem[BPF_MEMWORDS];
+ bzero(mem, sizeof(mem));
+
if (pc == NULL)
/*
* No filter means accept all.
More information about the svn-src-all
mailing list