From bb4ec289226d61a7b9551649f8c1359e5e285f5c Mon Sep 17 00:00:00 2001
From: Jamie Gritton <jamie@FreeBSD.org>
Date: Thu, 27 Aug 2020 00:17:17 +0000
Subject: [PATCH] Don't allow jail.conf variables to have the same names as
 jail parameters. It was already not allowed in many cases, but crashed
 instead of giving an error.

PR:		248444
---
 usr.sbin/jail/config.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/usr.sbin/jail/config.c b/usr.sbin/jail/config.c
index 234c4e257976..e81128ff1b93 100644
--- a/usr.sbin/jail/config.c
+++ b/usr.sbin/jail/config.c
@@ -366,8 +366,13 @@ add_param(struct cfjail *j, const struct cfparam *p, enum intparam ipnum,
 				break;
 	if (dp != NULL) {
 		/* Found it - append or replace. */
+		if ((flags ^ dp->flags) & PF_VAR) {
+			jail_warnx(j, "variable \"$%s\" cannot have the same "
+			    "name as a parameter.", name);
+			return;
+		}
 		if (dp->flags & PF_IMMUTABLE) {
-			jail_warnx(j, "cannot redefine variable \"%s\".",
+			jail_warnx(j, "cannot redefine parameter \"%s\".",
 			    dp->name);
 			return;
 		}
@@ -394,6 +399,14 @@ add_param(struct cfjail *j, const struct cfparam *p, enum intparam ipnum,
 			for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++)
 				if (!(intparams[ipnum].flags & PF_CONV) &&
 				    equalopts(name, intparams[ipnum].name)) {
+					if (flags & PF_VAR) {
+						jail_warnx(j,
+						    "variable \"$%s\" "
+						    "cannot have the same "
+						    "name as a parameter.",
+						    name);
+						return;
+					}
 					j->intparams[ipnum] = np;
 					np->flags |= intparams[ipnum].flags;
 					break;