diff options
| author | mm <mm@FreeBSD.org> | 2012-01-21 00:06:21 +0000 |
|---|---|---|
| committer | mm <mm@FreeBSD.org> | 2012-01-21 00:06:21 +0000 |
| commit | ada0b70d26a3437a5149175d48c833919eca8a21 (patch) | |
| tree | 6a9e73e0bbbde16a7d5fbfc390682e3aee8bc8e3 /sys/kern | |
| parent | bba52b62c8461a0fc19c629acf7c64b68d61213d (diff) | |
| download | FreeBSD-src-ada0b70d26a3437a5149175d48c833919eca8a21.zip FreeBSD-src-ada0b70d26a3437a5149175d48c833919eca8a21.tar.gz | |
Use separate buffer for global path to avoid overflow of path buffer.
Reviewed by: jamie@
MFC after: 3 weeks
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_jail.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index bcb1df9..9f5e8b8 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -521,6 +521,7 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) struct prison *pr, *deadpr, *mypr, *ppr, *tpr; struct vnode *root; char *domain, *errmsg, *host, *name, *namelc, *p, *path, *uuid; + char *g_path; #if defined(INET) || defined(INET6) struct prison *tppr; void *op; @@ -575,6 +576,7 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) #ifdef INET6 ip6 = NULL; #endif + g_path = NULL; error = vfs_copyopt(opts, "jid", &jid, sizeof(jid)); if (error == ENOENT) @@ -907,13 +909,17 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) vfslocked = NDHASGIANT(&nd); root = nd.ni_vp; NDFREE(&nd, NDF_ONLY_PNBUF); - error = vn_path_to_global_path(td, root, path, MAXPATHLEN); - if (error == ENODEV) { + g_path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); + strlcpy(g_path, path, MAXPATHLEN); + error = vn_path_to_global_path(td, root, g_path, MAXPATHLEN); + if (error == 0) + path = g_path; + else if (error == ENODEV) { /* proceed if sysctl debug.disablefullpath == 1 */ fullpath_disabled = 1; if (len < 2 || (len == 2 && path[0] == '/')) path = NULL; - } else if (error != 0) { + } else { /* exit on other errors */ VFS_UNLOCK_GIANT(vfslocked); goto done_free; @@ -1819,6 +1825,8 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) #ifdef INET6 free(ip6, M_PRISON); #endif + if (g_path != NULL) + free(g_path, M_TEMP); vfs_freeopts(opts); return (error); } |
