jail: handle jailsys parameters in modification permission test
Avoid a null dereference when a value-less jailsys parameter is passed to "jail -m". There was already code to handle boolean parameters, but in reality any parameter could be passed without a value.
This commit is contained in:
parent
490b09f240
commit
8f1543785f
@ -790,7 +790,9 @@ static int
|
|||||||
rdtun_params(struct cfjail *j, int dofail)
|
rdtun_params(struct cfjail *j, int dofail)
|
||||||
{
|
{
|
||||||
struct jailparam *jp, *rtparams, *rtjp;
|
struct jailparam *jp, *rtparams, *rtjp;
|
||||||
int nrt, rval;
|
const void *jp_value;
|
||||||
|
size_t jp_valuelen;
|
||||||
|
int nrt, rval, bool_true;
|
||||||
|
|
||||||
if (j->flags & JF_RDTUN)
|
if (j->flags & JF_RDTUN)
|
||||||
return 0;
|
return 0;
|
||||||
@ -818,15 +820,25 @@ rdtun_params(struct cfjail *j, int dofail)
|
|||||||
rtjp = rtparams + 1;
|
rtjp = rtparams + 1;
|
||||||
for (jp = j->jp; rtjp < rtparams + nrt; jp++) {
|
for (jp = j->jp; rtjp < rtparams + nrt; jp++) {
|
||||||
if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) {
|
if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) {
|
||||||
if (!((jp->jp_flags & (JP_BOOL | JP_NOBOOL)) &&
|
jp_value = jp->jp_value;
|
||||||
jp->jp_valuelen == 0 &&
|
jp_valuelen = jp->jp_valuelen;
|
||||||
*(int *)jp->jp_value) &&
|
if (jp_value == NULL && jp_valuelen > 0) {
|
||||||
!(rtjp->jp_valuelen == jp->jp_valuelen &&
|
if (jp->jp_flags & (JP_BOOL |
|
||||||
!((jp->jp_ctltype & CTLTYPE) ==
|
JP_NOBOOL | JP_JAILSYS)) {
|
||||||
CTLTYPE_STRING ? strncmp(rtjp->jp_value,
|
bool_true = 1;
|
||||||
jp->jp_value, jp->jp_valuelen) :
|
jp_value = &bool_true;
|
||||||
memcmp(rtjp->jp_value, jp->jp_value,
|
jp_valuelen = sizeof(bool_true);
|
||||||
jp->jp_valuelen)))) {
|
} else if ((jp->jp_ctltype & CTLTYPE) ==
|
||||||
|
CTLTYPE_STRING)
|
||||||
|
jp_value = "";
|
||||||
|
else
|
||||||
|
jp_valuelen = 0;
|
||||||
|
}
|
||||||
|
if (rtjp->jp_valuelen != jp_valuelen ||
|
||||||
|
(CTLTYPE_STRING ? strncmp(rtjp->jp_value,
|
||||||
|
jp_value, jp_valuelen)
|
||||||
|
: memcmp(rtjp->jp_value, jp_value,
|
||||||
|
jp_valuelen))) {
|
||||||
if (dofail) {
|
if (dofail) {
|
||||||
jail_warnx(j, "%s cannot be "
|
jail_warnx(j, "%s cannot be "
|
||||||
"changed after creation",
|
"changed after creation",
|
||||||
|
Loading…
Reference in New Issue
Block a user