Author: jamie
Date: Sat Aug 29 22:09:36 2020
New Revision: 364969
URL: https://svnweb.freebsd.org/changeset/base/364969
Log:
Fix a null dereference when debug.disablefullpath=1 and jail created
with path=/.
PR: 214881
Submitted by: aler (at) playground.ru
Reported by: aler (at) playground.ru
Modified:
stable/12/sys/kern/kern_jail.c
Modified: stable/12/sys/kern/kern_jail.c
==============================================================================
--- stable/12/sys/kern/kern_jail.c Sat Aug 29 21:47:49 2020
(r364968)
+++ stable/12/sys/kern/kern_jail.c Sat Aug 29 22:09:36 2020
(r364969)
@@ -943,40 +943,45 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
error = EINVAL;
goto done_free;
}
- NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE,
- path, td);
- error = namei(&nd);
- if (error)
- goto done_free;
- root = nd.ni_vp;
- NDFREE(&nd, NDF_ONLY_PNBUF);
- g_path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
- strlcpy(g_path, path, MAXPATHLEN);
- error = vn_path_to_global_path(td, root, g_path, MAXPATHLEN);
- if (error == 0)
- path = g_path;
- else if (error == ENODEV) {
- /* proceed if sysctl debug.disablefullpath == 1 */
- fullpath_disabled = 1;
- if (len < 2 || (len == 2 && path[0] == '/'))
- path = NULL;
- } else {
- /* exit on other errors */
- goto done_free;
- }
- if (root->v_type != VDIR) {
- error = ENOTDIR;
- vput(root);
- goto done_free;
- }
- VOP_UNLOCK(root, 0);
- if (fullpath_disabled) {
- /* Leave room for a real-root full pathname. */
- if (len + (path[0] == '/' && strcmp(mypr->pr_path, "/")
- ? strlen(mypr->pr_path) : 0) > MAXPATHLEN) {
- error = ENAMETOOLONG;
- vrele(root);
+ if (len < 2 || (len == 2 && path[0] == '/'))
+ path = NULL;
+ else
+ {
+ NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE,
+ path, td);
+ error = namei(&nd);
+ if (error)
goto done_free;
+ root = nd.ni_vp;
+ NDFREE(&nd, NDF_ONLY_PNBUF);
+ g_path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
+ strlcpy(g_path, path, MAXPATHLEN);
+ error = vn_path_to_global_path(td, root, g_path,
+ MAXPATHLEN);
+ if (error == 0)
+ path = g_path;
+ else if (error == ENODEV) {
+ /* means sysctl debug.disablefullpath == 1 */
+ fullpath_disabled = 1;
+ } else {
+ /* exit on other errors */
+ goto done_free;
+ }
+ if (root->v_type != VDIR) {
+ error = ENOTDIR;
+ vput(root);
+ goto done_free;
+ }
+ VOP_UNLOCK(root, 0);
+ if (fullpath_disabled) {
+ /* Leave room for a real-root full pathname. */
+ if (len + (path[0] == '/' &&
+ strcmp(mypr->pr_path, "/")
+ ? strlen(mypr->pr_path) : 0) > MAXPATHLEN) {
+ error = ENAMETOOLONG;
+ vrele(root);
+ goto done_free;
+ }
}
}
}
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
