From 2e5f5e3c6d3716aec736474a198de5f7746a5450 Mon Sep 17 00:00:00 2001
From: Richard Braun <rbraun@sceen.net>
Date: Fri, 18 Oct 2013 01:16:08 +0200
Subject: pflocal: fix port leak when receiving port rights

The socket_send and socket_recv routines can be used to transmit port
rights along data. Unfortunately, pflocal retains a copy of these rights
in the socket_recv RPC. These lingering references would in turn lead to
other leaks in servers waiting for a no-sender notification to clean
their resources. Since these copied rights aren't used at all by the
server, it is safe to simply move them to the recipient instead.

* pflocal/socket.c (S_socket_recv): Transmit port rights using
MACH_MSG_TYPE_MOVE_SEND transfer type instead of MACH_MSG_TYPE_COPY_SEND.
---
 pflocal/socket.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pflocal/socket.c')

diff --git a/pflocal/socket.c b/pflocal/socket.c
index 6723734c..c5c97352 100644
--- a/pflocal/socket.c
+++ b/pflocal/socket.c
@@ -401,7 +401,7 @@ S_socket_recv (struct sock_user *user,
     /* Setup mach ports for return.  */
     {
       *addr_type = MACH_MSG_TYPE_MAKE_SEND;
-      *ports_type = MACH_MSG_TYPE_COPY_SEND;
+      *ports_type = MACH_MSG_TYPE_MOVE_SEND;
       if (source_addr)
 	{
 	  *addr = ports_get_right (source_addr);
-- 
cgit v1.2.3