mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-18 06:14:27 +00:00
When allocation of a socket peer label fails, scrub what was
successfully initialized in the label as a socket peer label, not a socket label. For current policy modules, this didn't make a difference, but if a policy module had label data in the peer label that was to be GC'd in a different way than the normal socket label, it might have been a problem. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
This commit is contained in:
parent
2331fb5799
commit
bea2b56b26
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=122260
|
@ -222,7 +222,7 @@ mac_init_socket_peer_label(struct label *label, int flag)
|
|||
|
||||
MAC_CHECK(init_socket_peer_label, label, flag);
|
||||
if (error) {
|
||||
MAC_PERFORM(destroy_socket_label, label);
|
||||
MAC_PERFORM(destroy_socket_peer_label, label);
|
||||
mac_destroy_label(label);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue