Externalize local stack copy of the ifnet label, rather than the copy on

the ifnet itself. The stack copy has been made while holding the mutex protecting ifnet labels, so copying from the ifnet copy could result in an inconsistent version being copied out. Reported by: Todd.Miller@sparta.com Obtained from: TrustedBSD Project MFC after: 3 weeks
2006-12-20 20:40:29 +00:00 · 2006-12-20 20:40:29 +00:00 · 8f3476b39b
commit 8f3476b39b
parent 17041e6708
1 changed files with 2 additions and 2 deletions
--- a/sys/security/mac/mac_net.c
+++ b/sys/security/mac/mac_net.c
@ -426,8 +426,8 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr,
 	MAC_IFNET_LOCK(ifnet);
 	mac_copy_ifnet_label(ifnet->if_label, intlabel);
 	MAC_IFNET_UNLOCK(ifnet);
-	error = mac_externalize_ifnet_label(ifnet->if_label, elements,
-	    buffer, mac.m_buflen);
+	error = mac_externalize_ifnet_label(intlabel, elements, buffer,
+	    mac.m_buflen);
 	mac_ifnet_label_free(intlabel);
 	if (error == 0)
 		error = copyout(buffer, mac.m_string, strlen(buffer)+1);