Here's a diff to move FREF() just after fd_getfile() in getsock(). As explained recently [0], I'd like to make sure all operations manipulating a 'struct file *' do so with a properly refcounted element.
[0] https://marc.info/?l=openbsd-tech&m=152214234530708&w=2 Ok? Index: kern/uipc_syscalls.c =================================================================== RCS file: /cvs/src/sys/kern/uipc_syscalls.c,v retrieving revision 1.167 diff -u -p -r1.167 uipc_syscalls.c --- kern/uipc_syscalls.c 21 Feb 2018 09:30:02 -0000 1.167 +++ kern/uipc_syscalls.c 27 Mar 2018 09:19:37 -0000 @@ -1160,9 +1160,11 @@ getsock(struct proc *p, int fdes, struct if ((fp = fd_getfile(p->p_fd, fdes)) == NULL) return (EBADF); - if (fp->f_type != DTYPE_SOCKET) - return (ENOTSOCK); FREF(fp); + if (fp->f_type != DTYPE_SOCKET) { + FRELE(fp, p); + return (ENOTSOCK); + } *fpp = fp; return (0);
