From 68cc6aa2e93a2a2969eb40b5588452eeb1805fa6 Mon Sep 17 00:00:00 2001 From: Olivier Certner Date: Mon, 27 Apr 2026 18:24:01 +0200 Subject: [PATCH] MAC/do: Constify clone_rules() and clone_exec_paths()'s source argument Defensive programming. Reviewed by: bapt MFC after: 1 month Sponsored by: The FreeBSD Foundation Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38 --- sys/security/mac_do/mac_do.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c index 58abf1a8f60..7a08cdd5425 100644 --- a/sys/security/mac_do/mac_do.c +++ b/sys/security/mac_do/mac_do.c @@ -1350,7 +1350,7 @@ set_default_conf(struct prison *const pr) */ static void -clone_rules(struct rules *dst, struct rules *const src) +clone_rules(struct rules *const dst, const struct rules *const src) { struct rule *src_rule, *dst_rule; @@ -1382,7 +1382,8 @@ clone_rules(struct rules *dst, struct rules *const src) } static void -clone_exec_paths(struct exec_paths *dst, struct exec_paths *const src) +clone_exec_paths(struct exec_paths *const dst, + const struct exec_paths *const src) { bzero(dst, sizeof(*dst)); dst->exec_path_count = src->exec_path_count;