[Midnightbsd-cvs] src [7936] trunk/usr.sbin/jail: Remember that I'm using length-defined strings in parameters:

Wed Sep 14 17:17:23 EDT 2016

Revision: 7936
          http://svnweb.midnightbsd.org/src/?rev=7936
Author:   laffer1
Date:     2016-09-14 17:17:23 -0400 (Wed, 14 Sep 2016)
Log Message:
-----------
 Remember that I'm using length-defined strings in parameters:

  Remove a bogus null terminator when stripping the netmask from
  IP addresses.  This was causing later addresses in a comma-separated
  string to disappear.

  Use memcpy instead of strcpy.  This could just cause Bad Things.

 Pre-separate IP addresses passed on the command line, so they can be
 properly parsed for interface prefixes and netmask suffixes.  This was
 already done for the old-style (fixed) command line, but missed for
 the new-style.

Partially roll back r239601 - keep parameter strings both length-delimited
 and null-terminated at the same time, because they're later passed to
 libjail as null-terminated.  That means I also need to add a nul byte when
 comma-combining array parameters.

Obtained from FreeBSD

Revision Links:
--------------
    http://svnweb.midnightbsd.org/src/?rev=239601

Modified Paths:
--------------
    trunk/usr.sbin/jail/config.c
    trunk/usr.sbin/jail/jail.c

Modified: trunk/usr.sbin/jail/config.c
===================================================================

--- trunk/usr.sbin/jail/config.c	2016-09-14 21:15:26 UTC (rev 7935)
+++ trunk/usr.sbin/jail/config.c	2016-09-14 21:17:23 UTC (rev 7936)
@@ -597,7 +597,7 @@
 					error = -1;	
 				}
 				*cs = '\0';
-				s->len = cs - s->s + 1;
+				s->len = cs - s->s;
 			}
 		}
 	}
@@ -621,7 +621,7 @@
 					error = -1;	
 				}
 				*cs = '\0';
-				s->len = cs - s->s + 1;
+				s->len = cs - s->s;
 			}
 		}
 	}
@@ -713,12 +713,11 @@
 			value = alloca(vallen);
 			cs = value;
 			TAILQ_FOREACH_SAFE(s, &p->val, tq, ts) {
-				strcpy(cs, s->s);
-				if (ts != NULL) {
-					cs += s->len + 1;
-					cs[-1] = ',';
-				}
+				memcpy(cs, s->s, s->len);
+				cs += s->len + 1;
+				cs[-1] = ',';
 			}
+			value[vallen - 1] = '\0';
 		}
 		if (jailparam_import(jp, value) < 0) {
 			error = -1;

Modified: trunk/usr.sbin/jail/jail.c
===================================================================
--- trunk/usr.sbin/jail/jail.c	2016-09-14 21:15:26 UTC (rev 7935)
+++ trunk/usr.sbin/jail/jail.c	2016-09-14 21:17:23 UTC (rev 7936)
@@ -304,9 +304,33 @@
 				for (i++; i < argc; i++)
 					add_param(NULL, NULL, IP_COMMAND,
 					    argv[i]);
-				break;
 			}
-			add_param(NULL, NULL, 0, argv[i]);
+#ifdef INET
+			else if (!strncmp(argv[i], "ip4.addr=", 9)) {
+				for (cs = argv[i] + 9;; cs = ncs + 1) {
+					ncs = strchr(cs, ',');
+					if (ncs)
+						*ncs = '\0';
+					add_param(NULL, NULL, KP_IP4_ADDR, cs);
+					if (!ncs)
+						break;
+				}
+			}
+#endif
+#ifdef INET6
+			else if (!strncmp(argv[i], "ip6.addr=", 9)) {
+				for (cs = argv[i] + 9;; cs = ncs + 1) {
+					ncs = strchr(cs, ',');
+					if (ncs)
+						*ncs = '\0';
+					add_param(NULL, NULL, KP_IP6_ADDR, cs);
+					if (!ncs)
+						break;
+				}
+			}
+#endif
+			else
+				add_param(NULL, NULL, 0, argv[i]);
 		}
 	} else {
 		/* From the config file, perhaps with a specified jail */

