accept_filter: Fix filter parameter handling

For filters which implement accf_create, the setsockopt(2) handler
caches the filter name in the socket, but it also incorrectly frees the
buffer containing the copy, leaving a dangling pointer. Note that no
accept filters provided in the base system are susceptible to this, as
they don't implement accf_create.

Approved by: re (gjb)
Reported by: Alexey Kulaev <alex.qart@gmail.com>
Discussed with: emaste
Security: kernel use-after-free
Sponsored by: The FreeBSD Foundation

(cherry picked from commit 653a437c04440495cd8e7712c7cf39444f26f1ee)
(cherry picked from commit c7d10e7ec872070a40bbddc3158b1997c1df09af)