1 files changed, 11 insertions, 8 deletions

diff --git a/sys/net/pf_ruleset.c b/sys/net/pf_ruleset.c
index decb83e036f..b04ab88cc61 100644
--- a/sys/net/pf_ruleset.c
+++ b/sys/net/pf_ruleset.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf_ruleset.c,v 1.2 2008/12/18 15:31:37 dhill Exp $ */
+/*	$OpenBSD: pf_ruleset.c,v 1.3 2009/01/06 21:57:51 thib Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -59,7 +59,7 @@
 # define DPFPRINTF(format, x...)		\
 	if (pf_status.debug >= PF_DEBUG_NOISY)	\
 		printf(format , ##x)
-#define rs_malloc(x)		malloc(x, M_TEMP, M_WAITOK)
+#define rs_malloc(x)		malloc(x, M_TEMP, M_WAITOK|M_CANFAIL|M_ZERO)
 #define rs_free(x)		free(x, M_TEMP)
 
 #else
@@ -70,7 +70,7 @@
 # include <stdio.h>
 # include <stdlib.h>
 # include <string.h>
-# define rs_malloc(x)		 malloc(x)
+# define rs_malloc(x)		 calloc(1, x)
 # define rs_free(x)		 free(x)
 
 # ifdef PFDEBUG
@@ -148,7 +148,8 @@ pf_find_anchor(const char *path)
 	struct pf_anchor	*key, *found;
 
 	key = (struct pf_anchor *)rs_malloc(sizeof(*key));
-	memset(key, 0, sizeof(*key));
+	if (key == NULL)
+		return (NULL);
 	strlcpy(key->path, path, sizeof(key->path));
 	found = RB_FIND(pf_anchor_global, &pf_anchors, key);
 	rs_free(key);
@@ -186,7 +187,8 @@ pf_find_or_create_ruleset(const char *path)
 	if (ruleset != NULL)
 		return (ruleset);
 	p = (char *)rs_malloc(MAXPATHLEN);
-	bzero(p, MAXPATHLEN);
+	if (p == NULL)
+		return (NULL);
 	strlcpy(p, path, MAXPATHLEN);
 	while (parent == NULL && (q = strrchr(p, '/')) != NULL) {
 		*q = 0;
@@ -218,7 +220,6 @@ pf_find_or_create_ruleset(const char *path)
 			rs_free(p);
 			return (NULL);
 		}
-		memset(anchor, 0, sizeof(*anchor));
 		RB_INIT(&anchor->children);
 		strlcpy(anchor->name, q, sizeof(anchor->name));
 		if (parent != NULL) {
@@ -304,7 +305,8 @@ pf_anchor_setup(struct pf_rule *r, const struct pf_ruleset *s,
 	if (!name[0])
 		return (0);
 	path = (char *)rs_malloc(MAXPATHLEN);
-	bzero(path, MAXPATHLEN);
+	if (path == NULL)
+		return (1);
 	if (name[0] == '/')
 		strlcpy(path, name + 1, MAXPATHLEN);
 	else {
@@ -362,7 +364,8 @@ pf_anchor_copyout(const struct pf_ruleset *rs, const struct pf_rule *r,
 		int	 i;
 
 		a = (char *)rs_malloc(MAXPATHLEN);
-		bzero(a, MAXPATHLEN);
+		if (a == NULL)
+			return (1);
 		if (rs->anchor == NULL)
 			a[0] = 0;
 		else