Date: Thu, 6 Nov 2025 19:32:32 GMT From: Konstantin Belousov <kib@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 3f5f52216f7e - main - kern_jail_set(): do not double-free opts Message-ID: <202511061932.5A6JWWtj099221@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=3f5f52216f7e583aeb5580b13ba0f87e29d1ee43 commit 3f5f52216f7e583aeb5580b13ba0f87e29d1ee43 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2025-11-06 05:50:42 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2025-11-06 19:32:16 +0000 kern_jail_set(): do not double-free opts If vfs_buildopts() failed, vfs_freeopts() must not be called. Reported and tested by: pho Reviewed by: jamie Sponsored by: The FreeBSD Foundation MFC after: 3 days Differential revision: https://reviews.freebsd.org/D53612 --- sys/kern/kern_jail.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index 523b7e314a10..26a994ef0c32 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -1065,8 +1065,10 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) * than duplicate it under a different name. */ error = vfs_buildopts(optuio, &opts); - if (error) + if (error) { + opts = NULL; goto done_free; + } cuflags = flags & (JAIL_CREATE | JAIL_UPDATE); if (!cuflags) { @@ -2331,7 +2333,8 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) (void)kern_close(td, jfd_out); if (g_path != NULL) free(g_path, M_TEMP); - vfs_freeopts(opts); + if (opts != NULL) + vfs_freeopts(opts); prison_free(mypr); return (error); }help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202511061932.5A6JWWtj099221>