X-Git-Url: https://git.saurik.com/apple/securityd.git/blobdiff_plain/569135f537d6bd5118fa29c2fb4b6d4d436e066e..4cd1cad0dea00daa03e1b54fdf2797a02373ad5b:/src/codesigdb.cpp

diff --git a/src/codesigdb.cpp b/src/codesigdb.cpp
index 8d3a425..c0b7868 100644
--- a/src/codesigdb.cpp
+++ b/src/codesigdb.cpp
@@ -228,13 +228,12 @@ bool CodeSignatures::verify(Process &process,
 {
 	secdebug("codesign", "start verify");
 
-	// if we have no client code, we cannot possibly match this
+	StLock<Mutex> _(process);
 	SecCodeRef code = process.currentGuest();
 	if (!code) {
 		secdebug("codesign", "no code base: fail");
 		return false;
 	}
-	
 	if (SecRequirementRef requirement = verifier.requirement()) {
 		// If the ACL contains a code signature (requirement), we won't match against unsigned code at all.
 		// The legacy hash is ignored (it's for use by pre-Leopard systems).