CVS commit: src/sys/kern

Fri, 09 Sep 2022 07:30:27 -0700 

Module Name:    src
Committed By:   christos
Date:           Fri Sep  9 14:30:17 UTC 2022

Modified Files:
        src/sys/kern: kern_core.c

Log Message:
Don't forget to free the cred we just held.
Thanks to Chris J-D (chris at accessvector dot net)
While here, de-duplicate the mutex exit sequence.


To generate a diff of this commit:
cvs rdiff -u -r1.35 -r1.36 src/sys/kern/kern_core.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/kern/kern_core.c
diff -u src/sys/kern/kern_core.c:1.35 src/sys/kern/kern_core.c:1.36
--- src/sys/kern/kern_core.c:1.35	Tue Jun 29 18:40:53 2021
+++ src/sys/kern/kern_core.c	Fri Sep  9 10:30:17 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_core.c,v 1.35 2021/06/29 22:40:53 dholland Exp $	*/
+/*	$NetBSD: kern_core.c,v 1.36 2022/09/09 14:30:17 christos Exp $	*/
 
 /*
  * Copyright (c) 1982, 1986, 1989, 1991, 1993
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_core.c,v 1.35 2021/06/29 22:40:53 dholland Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_core.c,v 1.36 2022/09/09 14:30:17 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_execfmt.h"
@@ -121,7 +121,7 @@ coredump(struct lwp *l, const char *patt
 	struct vnode		*vp;
 	struct proc		*p;
 	struct vmspace		*vm;
-	kauth_cred_t		cred;
+	kauth_cred_t		cred = NULL;
 	struct pathbuf		*pb;
 	struct vattr		vattr;
 	struct coredump_iostate	io;
@@ -145,9 +145,7 @@ coredump(struct lwp *l, const char *patt
 	if (USPACE + ctob(vm->vm_dsize + vm->vm_ssize) >=
 	    p->p_rlimit[RLIMIT_CORE].rlim_cur) {
 		error = EFBIG;		/* better error code? */
-		mutex_exit(p->p_lock);
-		mutex_exit(&proc_lock);
-		goto done;
+		goto release;
 	}
 
 	/*
@@ -164,9 +162,7 @@ coredump(struct lwp *l, const char *patt
 	if (p->p_flag & PK_SUGID) {
 		if (!security_setidcore_dump) {
 			error = EPERM;
-			mutex_exit(p->p_lock);
-			mutex_exit(&proc_lock);
-			goto done;
+			goto release;
 		}
 		pattern = security_setidcore_path;
 	}
@@ -180,11 +176,8 @@ coredump(struct lwp *l, const char *patt
 	error = coredump_buildname(p, name, pattern, MAXPATHLEN);
 	mutex_exit(&lim->pl_lock);
 
-	if (error) {
-		mutex_exit(p->p_lock);
-		mutex_exit(&proc_lock);
-		goto done;
-	}
+	if (error)
+		goto release;
 
 	/*
 	 * On a simple filename, see if the filesystem allow us to write
@@ -198,6 +191,7 @@ coredump(struct lwp *l, const char *patt
 			error = EPERM;
 	}
 
+release:
 	mutex_exit(p->p_lock);
 	mutex_exit(&proc_lock);
 	if (error)
@@ -284,6 +278,8 @@ coredump(struct lwp *l, const char *patt
 	if (error == 0)
 		error = error1;
 done:
+	if (cred != NULL)
+		kauth_cred_free(cred);
 	if (name != NULL)
 		PNBUF_PUT(name);
 	return error;

Reply via email to