crtxcr/exile.h
1
0
Fork 0
Code Issues 14 Pull Requests 1 Releases Wiki Activity

perform_mounts(): Fix potential leak and fix iteration

Browse Source 
We would not free 'concat_path' in all potential paths.
Also, the iteration would not continue potentially.

This was case unlikely to be hit in practise.
This commit is contained in:
Albert S. 2022-10-23 19:48:33 +02:00
parent e711a1d53a
commit ff60ec227d
1 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
exile.c
View File

@ -870,18 +870,18 @@ static int perform_mounts(const char *chroot_target_path, struct exile_path_poli
{ {
while(path_policy != NULL) while(path_policy != NULL)
{ {
int mount_flags = get_policy_mount_flags(path_policy);
char *path_inside_chroot = concat_path(chroot_target_path, path_policy->path);
if(path_inside_chroot == NULL)
{
return 1;
}
//all we do is bind mounts
mount_flags |= MS_BIND;
if(path_policy->policy & EXILE_FS_ALLOW_ALL_READ || path_policy->policy & EXILE_FS_ALLOW_ALL_WRITE) if(path_policy->policy & EXILE_FS_ALLOW_ALL_READ || path_policy->policy & EXILE_FS_ALLOW_ALL_WRITE)
{ {
int mount_flags = get_policy_mount_flags(path_policy);
char *path_inside_chroot = concat_path(chroot_target_path, path_policy->path);
if(path_inside_chroot == NULL)
{
return 1;
}
//all we do is bind mounts
mount_flags |= MS_BIND;
int ret = mount(path_policy->path, path_inside_chroot, NULL, mount_flags, NULL); int ret = mount(path_policy->path, path_inside_chroot, NULL, mount_flags, NULL);
if(ret < 0 ) if(ret < 0 )
{ {
@ -898,9 +898,10 @@ static int perform_mounts(const char *chroot_target_path, struct exile_path_poli
free(path_inside_chroot); free(path_inside_chroot);
return ret; return ret;
} }
path_policy = path_policy->next;
free(path_inside_chroot); free(path_inside_chroot);
} }
path_policy = path_policy->next;
} }
return 0; return 0;
} }