d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initialize scratch memory for JIT-compiled filter when it is allocated.

Browse Source 
Previously it may have contained unnecessary (even sensitive) data from
the previous allocation.
As a (good) side effect, scratch memory may be used to store the previous
filter state(s) safely because it is allocated and freed with filter itself.
However, use it carefully because bpf_filter(9) does not have this behavior.

MFC after:	3 days
This commit is contained in:
Jung-uk Kim 2008-08-28 16:40:51 +00:00
parent 3337af98b4
commit 06302de20d
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=182376
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/net/bpf_jitter.c
View File

@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$");
#include <sys/sysctl.h>
#else
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#endif
@ -67,7 +68,7 @@ bpf_jitter(struct bpf_insn *fp, int nins)
/* Allocate the filter structure */
filter = (struct bpf_jit_filter *)malloc(sizeof(*filter),
M_BPFJIT, M_NOWAIT);
M_BPFJIT, M_NOWAIT | M_ZERO);
if (filter == NULL)
return (NULL);
@ -104,6 +105,7 @@ bpf_jitter(struct bpf_insn *fp, int nins)
filter = (struct bpf_jit_filter *)malloc(sizeof(*filter));
if (filter == NULL)
return (NULL);
memset(filter, 0, sizeof(*filter));
/* No filter means accept all */
if (fp == NULL || nins == 0) {