Fix some bugs in the previous revision (1.419). Don't perform extra

vfs_rel() on the mountpoint if the MAC checks fail in kern_statfs() and
kern_fstatfs().  Similarly, don't perform an extra vfs_rel() if we get
a doomed vnode in kern_fstatfs(), and handle the case of mp being NULL
(for some doomed vnodes) by conditionalizing the vfs_rel() in
kern_fstatfs() on mp != NULL.

CID:		1517
Found by:	Coverity Prevent (tm) (kern_fstatfs())
Pointy hat to:	jhb
This commit is contained in:
jhb 2006-08-02 15:27:48 +00:00
parent 85eecc09b6
commit 70c20770c0
2 changed files with 8 additions and 18 deletions

View File

@ -253,10 +253,8 @@ kern_statfs(struct thread *td, char *path, enum uio_seg pathseg,
vput(nd.ni_vp);
#ifdef MAC
error = mac_check_mount_stat(td->td_ucred, mp);
if (error) {
vfs_rel(mp);
if (error)
goto out;
}
#endif
/*
* Set these in case the underlying filesystem fails to do so.
@ -335,17 +333,13 @@ kern_fstatfs(struct thread *td, int fd, struct statfs *buf)
VOP_UNLOCK(vp, 0, td);
fdrop(fp, td);
if (vp->v_iflag & VI_DOOMED) {
if (mp)
vfs_rel(mp);
error = EBADF;
goto out;
}
#ifdef MAC
error = mac_check_mount_stat(td->td_ucred, mp);
if (error) {
vfs_rel(mp);
if (error)
goto out;
}
#endif
/*
* Set these in case the underlying filesystem fails to do so.
@ -365,6 +359,7 @@ kern_fstatfs(struct thread *td, int fd, struct statfs *buf)
}
*buf = *sp;
out:
if (mp)
vfs_rel(mp);
VFS_UNLOCK_GIANT(vfslocked);
return (error);

View File

@ -253,10 +253,8 @@ kern_statfs(struct thread *td, char *path, enum uio_seg pathseg,
vput(nd.ni_vp);
#ifdef MAC
error = mac_check_mount_stat(td->td_ucred, mp);
if (error) {
vfs_rel(mp);
if (error)
goto out;
}
#endif
/*
* Set these in case the underlying filesystem fails to do so.
@ -335,17 +333,13 @@ kern_fstatfs(struct thread *td, int fd, struct statfs *buf)
VOP_UNLOCK(vp, 0, td);
fdrop(fp, td);
if (vp->v_iflag & VI_DOOMED) {
if (mp)
vfs_rel(mp);
error = EBADF;
goto out;
}
#ifdef MAC
error = mac_check_mount_stat(td->td_ucred, mp);
if (error) {
vfs_rel(mp);
if (error)
goto out;
}
#endif
/*
* Set these in case the underlying filesystem fails to do so.
@ -365,6 +359,7 @@ kern_fstatfs(struct thread *td, int fd, struct statfs *buf)
}
*buf = *sp;
out:
if (mp)
vfs_rel(mp);
VFS_UNLOCK_GIANT(vfslocked);
return (error);