From 8182e5f2cfeef051ba43304682a10998f20281d8 Mon Sep 17 00:00:00 2001 From: kevans Date: Fri, 17 Apr 2020 02:09:31 +0000 Subject: [PATCH] audit_canon_path_vp: don't panic if cdir == NULL cdir may have simply failed to resolve (e.g. fget_cap failure in namei leading to NULL dp passed to AUDIT_ARG_UPATH*_VP); restore the pre-rS358191 behavior of setting cpath[0] = '\0' and bailing out instead of panicking. This was found by inadvertently running the libc/c063 tests with auditing enabled, resulting in a panic. Reviewed by: mjg (committed version actually his) Differential Revision: https://reviews.freebsd.org/D24445 --- sys/security/audit/audit_bsm_klib.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/sys/security/audit/audit_bsm_klib.c b/sys/security/audit/audit_bsm_klib.c index 64b7a344a60..c8d602fb692 100644 --- a/sys/security/audit/audit_bsm_klib.c +++ b/sys/security/audit/audit_bsm_klib.c @@ -433,10 +433,15 @@ audit_canon_path_vp(struct thread *td, struct vnode *rdir, struct vnode *cdir, __func__, __FILE__, __LINE__); copy = path; - if (*path == '/') + if (*path == '/') { vp = rdir; - else + } else { + if (cdir == NULL) { + cpath[0] = '\0'; + return; + } vp = cdir; + } MPASS(vp != NULL); /* * NB: We require that the supplied array be at least MAXPATHLEN bytes -- 2.45.0