[Bug 214881] jail with path=/ and sysctl.disablefullpath=1 leads to NULL dereference

Fri Dec 2 03:34:30 UTC 2016

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214881

--- Comment #3 from aler at playground.ru ---
Things apprear to be even worse. This code will overwrite root and leak old
reference if path==NULL and root!=NULL.
1218                 if (path == NULL) {
1219                         path = "/";
1220                         root = mypr->pr_root;
1221                         vref(root);
1222                 }
And this exactly happens in case of disablefullpath=1 and path="/".
path==NULL means "nothing done for path"

Adding patch to do proper fix for all this.
Also i can note that pr->pr_path will be anyway unreliable in case of
disablefullpath=1 and relative path given as argument (it doesn't event try to
be). But i don't think it is important for rarely-used (if even used, don't
know) debugging feature.

-- 
You are receiving this mail because:
You are the assignee for the bug.