Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 1 Jun 2020 15:32:14 +0000 (UTC)
From:      Mark Johnston <markj@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r361694 - head/lib/libcasper/services/cap_fileargs
Message-ID:  <202006011532.051FWEAJ068122@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: markj
Date: Mon Jun  1 15:32:13 2020
New Revision: 361694
URL: https://svnweb.freebsd.org/changeset/base/361694

Log:
  cap_fileargs: Fix a descriptor leak in the service process.
  
  The service handler for fileargs_open() tries to pre-open multiple files
  and pass descriptors for each back to the sandboxed process in a single
  message.  This is to amortize the cost of round-trips between the two
  processes.
  
  The service process adds a "cache" nvlist to the reply to "open",
  containing file descriptors for pre-opened files.  However, when adding
  that nvlist to the reply, it was making a copy, effectively leaking the
  cached descriptors.
  
  While here, fix spelling in a local variable name.
  
  PR:		241226
  Reviewed by:	oshogbo
  MFC after:	3 days
  Sponsored by:	The FreeBSD Foundation
  Differential Revision:	https://reviews.freebsd.org/D25095

Modified:
  head/lib/libcasper/services/cap_fileargs/cap_fileargs.c

Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.c
==============================================================================
--- head/lib/libcasper/services/cap_fileargs/cap_fileargs.c	Mon Jun  1 10:27:05 2020	(r361693)
+++ head/lib/libcasper/services/cap_fileargs/cap_fileargs.c	Mon Jun  1 15:32:13 2020	(r361694)
@@ -500,7 +500,7 @@ open_file(const char *name)
 
 static void
 fileargs_add_cache(nvlist_t *nvlout, const nvlist_t *limits,
-    const char *curent_name)
+    const char *current_name)
 {
 	int type, i, fd;
 	void *cookie;
@@ -527,9 +527,9 @@ fileargs_add_cache(nvlist_t *nvlout, const nvlist_t *l
 			break;
 		}
 
-		if (type != NV_TYPE_NULL ||
-		    (curent_name != NULL && strcmp(fname, curent_name) == 0)) {
-			curent_name = NULL;
+		if (type != NV_TYPE_NULL || (current_name != NULL &&
+		    strcmp(fname, current_name) == 0)) {
+			current_name = NULL;
 			i--;
 			continue;
 		}
@@ -553,7 +553,7 @@ fileargs_add_cache(nvlist_t *nvlout, const nvlist_t *l
 			nvlist_add_binary(new, "stat", &sb, sizeof(sb));
 		}
 
-		nvlist_add_nvlist(nvlout, fname, new);
+		nvlist_move_nvlist(nvlout, fname, new);
 	}
 	cacheposition = cookie;
 	lastname = fname;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202006011532.051FWEAJ068122>