kernel -- bpf: Clear bpf_filter mem[] to prevent kernel stack leak.
authorVenkatesh Srinivas <me@endeavour.zapto.org>
Sat, 23 Jul 2011 02:20:56 +0000 (19:20 -0700)
committerVenkatesh Srinivas <me@endeavour.zapto.org>
Sat, 23 Jul 2011 02:20:56 +0000 (19:20 -0700)
Submitted by: Guy Harris <guy@alum.mit.edu>

sys/net/bpf_filter.c

index 2f8aac2..ced32b2 100644 (file)
@@ -41,6 +41,7 @@
  * $DragonFly: src/sys/net/bpf_filter.c,v 1.10 2008/01/02 12:30:34 sephe Exp $
  */
 
+#include <sys/systm.h>
 #include <sys/param.h>
 
 #if defined(sparc) || defined(mips) || defined(ibm032)
@@ -181,6 +182,8 @@ bpf_filter(const struct bpf_insn *pc, u_char *p, u_int wirelen, u_int buflen)
        bpf_u_int32 k;
        int32_t mem[BPF_MEMWORDS];
 
+       bzero(mem, sizeof(mem));
+
        if (pc == 0) {
                /*
                 * No filter means accept all.