From owner-svn-src-all@freebsd.org  Tue Dec 15 17:25:01 2015
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id CCF90A48901;
 Tue, 15 Dec 2015 17:25:01 +0000 (UTC)
 (envelope-from jamie@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9628614CE;
 Tue, 15 Dec 2015 17:25:01 +0000 (UTC)
 (envelope-from jamie@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id tBFHP0Lo016589;
 Tue, 15 Dec 2015 17:25:00 GMT (envelope-from jamie@FreeBSD.org)
Received: (from jamie@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id tBFHP0RU016588;
 Tue, 15 Dec 2015 17:25:00 GMT (envelope-from jamie@FreeBSD.org)
Message-Id: <201512151725.tBFHP0RU016588@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: jamie set sender to
 jamie@FreeBSD.org using -f
From: Jamie Gritton <jamie@FreeBSD.org>
Date: Tue, 15 Dec 2015 17:25:00 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r292277 - head/sys/kern
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Dec 2015 17:25:01 -0000

Author: jamie
Date: Tue Dec 15 17:25:00 2015
New Revision: 292277
URL: https://svnweb.freebsd.org/changeset/base/292277

Log:
  Fix jail name checking that disallowed anything that starts with '0'.
  The intention was to just limit leading zeroes on numeric names.  That
  check is now improved to also catch the leading spaces and '+' that
  strtoul can pass through.
  
  PR:		204897
  MFC after:	3 days

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==============================================================================
--- head/sys/kern/kern_jail.c	Tue Dec 15 16:04:45 2015	(r292276)
+++ head/sys/kern/kern_jail.c	Tue Dec 15 17:25:00 2015	(r292277)
@@ -1580,11 +1580,14 @@ kern_jail_set(struct thread *td, struct 
 #endif
 	onamelen = namelen = 0;
 	if (name != NULL) {
-		/* Give a default name of the jid. */
+		/* Give a default name of the jid.  Also allow the name to be
+		 * explicitly the jid - but not any other number, and only in
+		 * normal form (no leading zero/etc).
+		 */
 		if (name[0] == '\0')
 			snprintf(name = numbuf, sizeof(numbuf), "%d", jid);
-		else if (*namelc == '0' || (strtoul(namelc, &p, 10) != jid &&
-		    *p == '\0')) {
+		else if ((strtoul(namelc, &p, 10) != jid ||
+			  namelc[0] < '1' || namelc[0] > '9') && *p == '\0') {
 			error = EINVAL;
 			vfs_opterror(opts,
 			    "name cannot be numeric (unless it is the jid)");