mountfsd: fix potential memleak on malicious json message

This also makes json_log_oom() used on OOM.

Follow-up for 78b40aea611256228e898fc6a6dab414a1798889.

diff --git a/src/mountfsd/mountwork.c b/src/mountfsd/mountwork.c
index d1ed69093982b09e2da44b5bcffdf8272cb95e41..bd5d7a197fc6eb9ebbf9f1ff5506b580c2c6a273 100644 (file)
--- a/src/mountfsd/mountwork.c
+++ b/src/mountfsd/mountwork.c
@@ -65,6 +65,7 @@ static const ImagePolicy image_policy_untrusted = {
 static int json_dispatch_image_options(const char *name, sd_json_variant *variant, sd_json_dispatch_flags_t flags, void *userdata) {
         _cleanup_(mount_options_free_allp) MountOptions *options = NULL;
         MountOptions **p = ASSERT_PTR(userdata);
+        int r;
 
         if (sd_json_variant_is_null(variant)) {
                 *p = mount_options_free_all(*p);
@@ -87,12 +88,12 @@ static int json_dispatch_image_options(const char *name, sd_json_variant *varian
                 if (!options) {
                         options = new0(MountOptions, 1);
                         if (!options)
-                                return -ENOMEM;
+                                return json_log_oom(variant, flags);
                 }
 
-                options->options[pd] = strdup(sd_json_variant_string(e));
-                if (!options->options[pd])
-                        return -ENOMEM;
+                r = free_and_strdup(&options->options[pd], sd_json_variant_string(e));
+                if (r < 0)
+                        return json_log_oom(variant, flags);
         }
 
         mount_options_free_all(*p);