From owner-svn-src-all@FreeBSD.ORG Wed Aug 29 18:40:13 2012 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 066FD106566C; Wed, 29 Aug 2012 18:40:13 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id DB5898FC0A; Wed, 29 Aug 2012 18:40:12 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q7TIeC4V094869; Wed, 29 Aug 2012 18:40:12 GMT (envelope-from jamie@svn.freebsd.org) Received: (from jamie@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q7TIeCwh094866; Wed, 29 Aug 2012 18:40:12 GMT (envelope-from jamie@svn.freebsd.org) Message-Id: <201208291840.q7TIeCwh094866@svn.freebsd.org> From: Jamie Gritton Date: Wed, 29 Aug 2012 18:40:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r239871 - releng/9.1/usr.sbin/jail X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Aug 2012 18:40:13 -0000 Author: jamie Date: Wed Aug 29 18:40:12 2012 New Revision: 239871 URL: http://svn.freebsd.org/changeset/base/239871 Log: MFS r239854 (including MFC r239601, r239602, r239621): Remember that I'm using length-defined strings in parameters: Don't include the null terminator when recomputing the parameter length when stripping the netmask from IP addresses. This was causing later addresses in a comma-separated string to disappear. Use memcpy instead of strcpy. This could just cause Bad Things. Add a null byte when comma-combining array parameters. Pre-separate IP addresses passed on the command line, so they can be properly parsed for interface prefixes and netmask suffixes. This was already done for the old-style (fixed) command line, but missed for the new-style. PR: 170832 Approved by: re (kib) Modified: releng/9.1/usr.sbin/jail/config.c releng/9.1/usr.sbin/jail/jail.c Directory Properties: releng/9.1/usr.sbin/jail/ (props changed) Modified: releng/9.1/usr.sbin/jail/config.c ============================================================================== --- releng/9.1/usr.sbin/jail/config.c Wed Aug 29 18:37:10 2012 (r239870) +++ releng/9.1/usr.sbin/jail/config.c Wed Aug 29 18:40:12 2012 (r239871) @@ -596,7 +596,7 @@ check_intparams(struct cfjail *j) error = -1; } *cs = '\0'; - s->len = cs - s->s + 1; + s->len = cs - s->s; } } } @@ -620,7 +620,7 @@ check_intparams(struct cfjail *j) error = -1; } *cs = '\0'; - s->len = cs - s->s + 1; + s->len = cs - s->s; } } } @@ -712,12 +712,11 @@ import_params(struct cfjail *j) value = alloca(vallen); cs = value; TAILQ_FOREACH_SAFE(s, &p->val, tq, ts) { - strcpy(cs, s->s); - if (ts != NULL) { - cs += s->len + 1; - cs[-1] = ','; - } + memcpy(cs, s->s, s->len); + cs += s->len + 1; + cs[-1] = ','; } + value[vallen - 1] = '\0'; } if (jailparam_import(jp, value) < 0) { error = -1; Modified: releng/9.1/usr.sbin/jail/jail.c ============================================================================== --- releng/9.1/usr.sbin/jail/jail.c Wed Aug 29 18:37:10 2012 (r239870) +++ releng/9.1/usr.sbin/jail/jail.c Wed Aug 29 18:40:12 2012 (r239871) @@ -304,9 +304,33 @@ main(int argc, char **argv) for (i++; i < argc; i++) add_param(NULL, NULL, IP_COMMAND, argv[i]); - break; } - add_param(NULL, NULL, 0, argv[i]); +#ifdef INET + else if (!strncmp(argv[i], "ip4.addr=", 9)) { + for (cs = argv[i] + 9;; cs = ncs + 1) { + ncs = strchr(cs, ','); + if (ncs) + *ncs = '\0'; + add_param(NULL, NULL, KP_IP4_ADDR, cs); + if (!ncs) + break; + } + } +#endif +#ifdef INET6 + else if (!strncmp(argv[i], "ip6.addr=", 9)) { + for (cs = argv[i] + 9;; cs = ncs + 1) { + ncs = strchr(cs, ','); + if (ncs) + *ncs = '\0'; + add_param(NULL, NULL, KP_IP6_ADDR, cs); + if (!ncs) + break; + } + } +#endif + else + add_param(NULL, NULL, 0, argv[i]); } } else { /* From the config file, perhaps with a specified jail */