[Bug 262515] Missing filecaps_free() in many places
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262515] Missing filecaps_free() in many places"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262515] Missing filecaps_free() in many places"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262515] Missing filecaps_free() in many places"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262515] Missing filecaps_free() in many places"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262515] Missing filecaps_free() in many places"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262515] Missing filecaps_free() in many places"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262515] Missing filecaps_free() in many places"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 13 Mar 2022 01:20:42 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262515
Bug ID: 262515
Summary: Missing filecaps_free() in many places
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: bugs@FreeBSD.org
Reporter: firk@cantconnect.ru
When called with ndp->ni_startdir==NULL && ndp->ni_dirfd!=AT_FDCWD,
namei() -> namei_setup() fills ndp->ni_filecaps via fget_cap() with possibly
(but seems not on most systems) dynamically allocated data.
filecaps_free() is needed somewhere after that, but there is no.
ndp->ni_startdir==NULL && ndp->ni_dirfd!=AT_FDCWD is usually a result of
NDINIT_AT() or NDINIT_ATRIGHTS() macros with externally specified fd.
Found places (I think there is mre):
uipc_usrreq.c uipc_bindat(), unp_connectat()
vfs_cache.c kern___realpathat()
vfs_syscalls() a lot of kern_*at(); kern_openat() is an exception: it has
proper filecaps_free() at least on success branch (but not on errors)
--
You are receiving this mail because:
You are the assignee for the bug.