Don't leak information via uninitialized space in db(3) records. [09:07]releng/7.0

Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]

Security:	FreeBSD-SA-09:07.libc
Security:	FreeBSD-SA-09:08.openssl
Security:	CVE-2009-0590
Approved by:	re (kensmith)
Approved by:	so (cperciva)

1 files changed, 1 insertions, 1 deletions

diff --git a/lib/libc/db/mpool/mpool.c b/lib/libc/db/mpool/mpool.c
index aedf1fd0115f..24860b2043bd 100644
--- a/lib/libc/db/mpool/mpool.c
+++ b/lib/libc/db/mpool/mpool.c
@@ -343,7 +343,7 @@ mpool_bkt(mp)
 			return (bp);
 		}
 
-new:	if ((bp = (BKT *)malloc(sizeof(BKT) + mp->pagesize)) == NULL)
+new:	if ((bp = (BKT *)calloc(1, sizeof(BKT) + mp->pagesize)) == NULL)
 		return (NULL);
 #ifdef STATISTICS
 	++mp->pagealloc;