- Correct logic in if statement - we want to allocate temporary buffer

when someone is passing new rules, not when he only want to read them. Because of this bug, even if the given rules were incorrect, they ended up in rule_string. - Add missing protection for rule_string when coping it. Reviewed by: rwatson MFC after: 1 week
2009-03-14 20:40:06 +00:00 · 2009-03-14 20:40:06 +00:00 · b67aabcdf8
commit b67aabcdf8
parent 58fce43140
1 changed files with 3 additions and 1 deletions
--- a/sys/security/mac_portacl/mac_portacl.c
+++ b/sys/security/mac_portacl/mac_portacl.c
@ -341,10 +341,12 @@ sysctl_rules(SYSCTL_HANDLER_ARGS)
 	int error;

 	new_string = NULL;
-	if (req->newptr == NULL) {
+	if (req->newptr != NULL) {
 		new_string = malloc(MAC_RULE_STRING_LEN, M_PORTACL,
 		    M_WAITOK | M_ZERO);
+		mtx_lock(&rule_mtx);
 		strcpy(new_string, rule_string);
+		mtx_unlock(&rule_mtx);
 		string = new_string;
 	} else
 		string = rule_string;