kern_jail_set(): do not double-free opts
ClosedPublic
Actions

Authored by kib on Nov 6 2025, 9:34 AM.

Details

Reviewers

Commits

rG3f5f52216f7e: kern_jail_set(): do not double-free opts

Summary

If vfs_buildopts() failed, vfs_freeopts() must not be called.

Reported and tested by: pho

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

kib created this revision.Nov 6 2025, 9:34 AM

Herald added subscribers: olce, imp. · View Herald TranscriptNov 6 2025, 9:34 AM

kib requested review of this revision.Nov 6 2025, 9:34 AM

While I prefer the version I mentioned in the inline notes (it's a little less branchy), I'm also fine with the patch as originally given.

sys/kern/kern_jail.c
1046	This hold is the only reason that vfs_buildopts goes to done_free and doesn't just return outright...
1072	...so we could change the "goto done_free" above to "return (error)", and move "prison_hold(mypr)" here, just before the first of the remaining "goto done" lines...
2336–2337	...and then we wouldn't need to add this test.

This revision is now accepted and ready to land.Nov 6 2025, 5:20 PM

In D53612#1224147, @jamie wrote:

While I prefer the version I mentioned in the inline notes (it's a little less branchy), I'm also fine with the patch as originally given.

I did not wanted to restructure the main flow. If you consider it is worth to, please do as follow-up.

Closed by commit rG3f5f52216f7e: kern_jail_set(): do not double-free opts (authored by kib). · Explain WhyNov 6 2025, 7:33 PM

This revision was automatically updated to reflect the committed changes.

kib added a commit: rG3f5f52216f7e: kern_jail_set(): do not double-free opts.