From 43f3d8e372839845325e76e5541238ea4bd0dfd3 Mon Sep 17 00:00:00 2001
From: Edward Tomasz Napierala <trasz@FreeBSD.org>
Date: Wed, 26 Sep 2012 07:09:15 +0000
Subject: [PATCH] Fix panic in CTL caused by trying to free invalid pointers
 passed by the userland process via the IOCTL interface.

Reviewed by:	ken@
---
 sys/cam/ctl/ctl.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/sys/cam/ctl/ctl.c b/sys/cam/ctl/ctl.c
index 5b67b8f0a76..718164f3245 100644
--- a/sys/cam/ctl/ctl.c
+++ b/sys/cam/ctl/ctl.c
@@ -2074,6 +2074,11 @@ ctl_copyin_args(int num_be_args, struct ctl_be_arg *be_args,
 	if (args == NULL)
 		goto bailout;
 
+	for (i = 0; i < num_be_args; i++) {
+		args[i].kname = NULL;
+		args[i].kvalue = NULL;
+	}
+
 	for (i = 0; i < num_be_args; i++) {
 		uint8_t *tmpptr;