d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

When allocation of a socket peer label fails, scrub what was

Browse Source 
successfully initialized in the label as a socket peer label, not a
socket label.  For current policy modules, this didn't make a
difference, but if a policy module had label data in the peer label
that was to be GC'd in a different way than the normal socket label,
it might have been a problem.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
This commit is contained in:
Robert Watson 2003-11-07 22:31:27 +00:00
parent 2331fb5799
commit bea2b56b26
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/security/mac/mac_net.c
View File

@ -222,7 +222,7 @@ mac_init_socket_peer_label(struct label *label, int flag)
MAC_CHECK(init_socket_peer_label, label, flag);
if (error) {
MAC_PERFORM(destroy_socket_label, label);
MAC_PERFORM(destroy_socket_peer_label, label);
mac_destroy_label(label);
}