From a80b42e23f8a495043851f096df720a8375004df Mon Sep 17 00:00:00 2001
From: kettenis <kettenis@openbsd.org>
Date: Tue, 5 May 2026 12:28:59 +0000
Subject: [PATCH] Use the correct struct itemerval when recording the old value
 for ktrace. This fixes a potential information leak from an uninitializes
 stack variable. Found by Frank Denis using the Swival Security Scanner.

ok deraadt@
---
 sys/kern/kern_time.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_time.c b/sys/kern/kern_time.c
index cfca2faf339..5b5026bae0e 100644
--- a/sys/kern/kern_time.c
+++ b/sys/kern/kern_time.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_time.c,v 1.170 2024/10/03 10:18:29 claudio Exp $	*/
+/*	$OpenBSD: kern_time.c,v 1.171 2026/05/05 12:28:59 kettenis Exp $	*/
 /*	$NetBSD: kern_time.c,v 1.20 1996/02/18 11:57:06 fvdl Exp $	*/
 
 /*
@@ -665,7 +665,7 @@ sys_setitimer(struct proc *p, void *v, register_t *retval)
 		error = copyout(&olditv, SCARG(uap, oitv), sizeof(olditv));
 #ifdef KTRACE
 		if (error == 0 && KTRPOINT(p, KTR_STRUCT))
-			ktritimerval(p, &aitv);
+			ktritimerval(p, &olditv);
 #endif
 		return error;
 	}