Date: Thu, 14 Jul 2011 21:06:22 +0000 (UTC) From: Mark Peek <mp@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r224044 - head/sys/net Message-ID: <201107142106.p6EL6MmJ045966@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mp Date: Thu Jul 14 21:06:22 2011 New Revision: 224044 URL: http://svn.freebsd.org/changeset/base/224044 Log: Clear the filter memory area before using it. Leaving it uninitialized may leak previous kernel stack contents through a malicioius BPF filter. PR: kern/158880 Submitted by: Guy Harris Obtained from: OpenBSD MFC after: 1 week Modified: head/sys/net/bpf_filter.c Modified: head/sys/net/bpf_filter.c ============================================================================== --- head/sys/net/bpf_filter.c Thu Jul 14 21:02:15 2011 (r224043) +++ head/sys/net/bpf_filter.c Thu Jul 14 21:06:22 2011 (r224044) @@ -177,6 +177,8 @@ bpf_filter(const struct bpf_insn *pc, u_ bpf_u_int32 k; u_int32_t mem[BPF_MEMWORDS]; + bzero(mem, sizeof(mem)); + if (pc == NULL) /* * No filter means accept all.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201107142106.p6EL6MmJ045966>