From owner-svn-src-head@freebsd.org Tue Aug 14 18:35:34 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0BDEF1080F11; Tue, 14 Aug 2018 18:35:34 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B368781037; Tue, 14 Aug 2018 18:35:33 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 949411F54E; Tue, 14 Aug 2018 18:35:33 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7EIZXoo053465; Tue, 14 Aug 2018 18:35:33 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7EIZX68053464; Tue, 14 Aug 2018 18:35:33 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <201808141835.w7EIZX68053464@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f 
From: Kyle Evans Date: Tue, 14 Aug 2018 18:35:33 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r337805 - head/sbin/bectl X-SVN-Group: head X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: head/sbin/bectl X-SVN-Commit-Revision: 337805 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Aug 2018 18:35:34 -0000 Author: kevans Date: Tue Aug 14 18:35:33 2018 New Revision: 337805 URL: https://svnweb.freebsd.org/changeset/base/337805 Log: bectl(8): Check jailparam_* return values Previous iteration of this assumed that these won't fail because we've already setup the jail param to this point, but the allocations could still fail in pretty bad conditions. Admit that it's possible and return (ENOENT, EINVAL, ENOMEM, or 0) when deleting arguments. EINVAL shouldn't happen since we're passing optarg; which may satisfy *optarg == '\0' but never optarg == NULL. CID: 1394885, 1394901 Modified: head/sbin/bectl/bectl_jail.c Modified: head/sbin/bectl/bectl_jail.c ==============================================================================
--- head/sbin/bectl/bectl_jail.c Tue Aug 14 18:17:05 2018 (r337804)
+++ head/sbin/bectl/bectl_jail.c Tue Aug 14 18:35:33 2018 (r337805)
@@ -44,9 +44,9 @@ __FBSDID("$FreeBSD$");
 static void jailparam_grow(void);
 static void jailparam_add(const char *name, const char *val);
-static void jailparam_del(const char *name);
+static int jailparam_del(const char *name);
 static bool jailparam_addarg(char *arg);
-static bool jailparam_delarg(char *arg);
+static int jailparam_delarg(char *arg);
 static int bectl_search_jail_paths(const char *mnt);
 static int bectl_locate_jail(const char *ident);
@@ -92,7 +92,7 @@ jailparam_add(const char *name, const char *val)
 ++jpused;
 }
-static void
+static int
 jailparam_del(const char *name)
 {
 int i;
@@ -103,21 +103,32 @@ jailparam_del(const char *name)
 break;
 }
- /* Not found... technically successful */
 if (i == jpused)
- return;
+ return (ENOENT);
 for (; i < jpused - 1; ++i) {
 val = jailparam_export(&jp[i + 1]);
 jailparam_free(&jp[i], 1);
- jailparam_init(&jp[i], jp[i + 1].jp_name);
- jailparam_import(&jp[i], val);
+ /*
+ * Given the context, the following will really only fail if
+ * they can't allocate the copy of the name or value.
+ */
+ if (jailparam_init(&jp[i], jp[i + 1].jp_name) != 0) {
+ free(val);
+ return (ENOMEM);
+ }
+ if (jailparam_import(&jp[i], val) != 0) {
+ jailparam_free(&jp[i], 1);
+ free(val);
+ return (ENOMEM);
+ }
 free(val);
 }
 jailparam_free(&jp[i], 1);
 --jpused;
+ return (0);
 }
 static bool
@@ -148,28 +159,27 @@ jailparam_addarg(char *arg)
 return (true);
 }
-static bool
+static int
 jailparam_delarg(char *arg)
 {
 char *name, *val;
 if (arg == NULL)
- return (false);
+ return (EINVAL);
 name = arg;
 if ((val = strchr(name, '=')) != NULL)
 *val++ = '\0';
 if (strcmp(name, "path") == 0)
 *mnt_loc = '\0';
- jailparam_del(name);
- return (true);
+ return (jailparam_del(name));
 }
 int
 bectl_cmd_jail(int argc, char *argv[])
 {
 char *bootenv, *mountpoint;
- int jid, opt;
+ int jid, opt, ret;
 bool default_hostname, default_name;
 default_hostname = default_name = true;
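Review bot: Both new `return (ENOMEM)` paths in the shift loop of `jailparam_del()` leave the parameter array inconsistent: `jp[i]` has already been passed to `jailparam_free()` and `jpused` is not decremented, so any later walk over the first `jpused` entries would touch a released slot. The `jailparam_export()` result on the line above is also still unchecked, although it allocates just like the two calls the commit now guards; `if (val == NULL) return (ENOMEM);` placed before the `jailparam_free()` would cover it. If `struct jailparam` can be relocated by a plain copy (it appears to hold only owned pointers and scalars, which should be confirmed against libjail), freeing the matched entry and then `memmove(&jp[i], &jp[i + 1], (jpused - i - 1) * sizeof(*jp));` would remove the allocations and both failure paths altogether. The function's signature and its search loop start outside this hunk.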
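Review bot: After this change `jailparam_delarg()` returns 0 on success while its sibling `jailparam_addarg()` still returns `true` on success, and nothing next to the definition says so; a caller written by analogy, `if (jailparam_delarg(arg))`, would now take its success branch on an error. A short comment above the definition would pin the contract, for example `/* Returns 0, or ENOENT/EINVAL/ENOMEM; unlike jailparam_addarg(), nonzero means failure. */`. It is also worth stating there that `*mnt_loc = '\0'` runs before `jailparam_del()` and is not undone when that call fails.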
@@ -198,11 +208,16 @@ bectl_cmd_jail(int argc, char *argv[])
 }
 break;
 case 'u':
- if (jailparam_delarg(optarg)) {
+ if ((ret = jailparam_delarg(optarg)) == 0) {
 if (strcmp(optarg, "name") == 0)
 default_name = true;
 if (strcmp(optarg, "host.hostname") == 0)
 default_hostname = true;
+ } else if (ret != ENOENT) {
+ fprintf(stderr,
+ "bectl jail: error unsetting \"%s\"\n",
+ optarg);
+ return (ret);
 }
 break;
 default:
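Review bot: The new error branch under `case 'u':` reports that unsetting failed but drops the cause, and then hands the raw errno value back as the command's result. Printing the reason would let an operator tell an out-of-memory failure from a bad argument: `fprintf(stderr, "bectl jail: error unsetting \"%s\": %s\n", optarg, strerror(ret));`. Whether an errno value is the right return for `bectl_cmd_jail()`, and whether the early return skips cleanup of parameters already added, cannot be judged from this hunk because the rest of the function lies outside it.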