mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-22 17:24:23 +01:00
aad65d6f79
under heavy use when default ACLs were bgin inherited by new files
or directories. This is done by removing a bug in default ACL
reading, and improving error handling for this failure case:
- Move the setting of the buffer length (len) variable to above the
ACL type (ap->a_type) switch rather than having it only for
ACL_TYPE_ACCESS. Otherwise, the len variable is unitialized in
the ACL_TYPE_DEFAULT case, which generally worked right, but could
result in failure.
- Add a check for a short/long read of the ACL_TYPE_DEFAULT type from
the underlying EA, resulting in EPERM rather than passing a
potentially corrupted ACL back to the caller (resulting "cleaner"
failures if the EA is damaged: right now, the caller will almost
always panic in the presence of a corrupted EA). This code is similar
to code in the ACL_TYPE_ACCESS handling in the previous switch case.
- While I'm fixing this code, remove a redundant bzero() of the ACL
reader buffer; it need only be initialized above the acl_type
switch.
Obtained from: TrustedBSD Project
|
||
|---|---|---|
| .. | ||
| alpha | ||
| amd64 | ||
| arm/include | ||
| boot | ||
| cam | ||
| coda | ||
| compat | ||
| compile | ||
| conf | ||
| contrib/dev | ||
| crypto | ||
| ddb | ||
| dev | ||
| fs | ||
| geom | ||
| gnu | ||
| i4b | ||
| i386 | ||
| ia64 | ||
| isa | ||
| isofs/cd9660 | ||
| kern | ||
| libkern | ||
| miscfs | ||
| modules | ||
| msdosfs | ||
| net | ||
| netatalk | ||
| netatm | ||
| netgraph | ||
| netinet | ||
| netinet6 | ||
| netipx | ||
| netkey | ||
| netnatm | ||
| netncp | ||
| netns | ||
| nfs | ||
| nfsclient | ||
| nfsserver | ||
| ntfs | ||
| nwfs | ||
| pc98 | ||
| pccard | ||
| pci | ||
| posix4 | ||
| powerpc | ||
| rpc | ||
| svr4 | ||
| sys | ||
| tools | ||
| ufs | ||
| vm | ||
| Makefile | ||