diff --git a/lib/libjail/jail.c b/lib/libjail/jail.c index 69386e5118b6..af0e40a0dc45 100644 --- a/lib/libjail/jail.c +++ b/lib/libjail/jail.c @@ -885,36 +885,20 @@ jailparam_type(struct jailparam *jp) * the "no" counterpart to a boolean. */ nname = nononame(jp->jp_name); - if (nname != NULL) { - snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); - free(nname); - miblen = sizeof(mib) - 2 * sizeof(int); - if (sysctl(mib, 2, mib + 2, &miblen, desc.s, - strlen(desc.s)) >= 0) { - mib[1] = 4; - desclen = sizeof(desc); - if (sysctl(mib, (miblen / sizeof(int)) + 2, - &desc, &desclen, NULL, 0) < 0) { - snprintf(jail_errmsg, - JAIL_ERRMSGLEN, - "sysctl(0.4.%s): %s", desc.s, - strerror(errno)); - return (-1); - } - if ((desc.i & CTLTYPE) == CTLTYPE_INT && - desc.s[0] == 'B') { - jp->jp_ctltype = desc.i; - jp->jp_flags |= JP_NOBOOL; - jp->jp_valuelen = sizeof(int); - return (0); - } - } + if (nname == NULL) { + unknown_parameter: + snprintf(jail_errmsg, JAIL_ERRMSGLEN, + "unknown parameter: %s", jp->jp_name); + errno = ENOENT; + return (-1); } - unknown_parameter: - snprintf(jail_errmsg, JAIL_ERRMSGLEN, - "unknown parameter: %s", jp->jp_name); - errno = ENOENT; - return (-1); + snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); + free(nname); + miblen = sizeof(mib) - 2 * sizeof(int); + if (sysctl(mib, 2, mib + 2, &miblen, desc.s, + strlen(desc.s)) < 0) + goto unknown_parameter; + jp->jp_flags |= JP_NOBOOL; } mib_desc: mib[1] = 4; @@ -925,6 +909,16 @@ jailparam_type(struct jailparam *jp) "sysctl(0.4.%s): %s", jp->jp_name, strerror(errno)); return (-1); } + jp->jp_ctltype = desc.i; + /* If this came from removing a "no", it better be a boolean. */ + if (jp->jp_flags & JP_NOBOOL) { + if ((desc.i & CTLTYPE) == CTLTYPE_INT && desc.s[0] == 'B') { + jp->jp_valuelen = sizeof(int); + return (0); + } + else if ((desc.i & CTLTYPE) != CTLTYPE_NODE) + goto unknown_parameter; + } /* See if this is an array type. */ p = strchr(desc.s, '\0'); isarray = 0; @@ -935,7 +929,6 @@ jailparam_type(struct jailparam *jp) p[-2] = 0; } /* Look for types we understand. */ - jp->jp_ctltype = desc.i; switch (desc.i & CTLTYPE) { case CTLTYPE_INT: if (desc.s[0] == 'B')