[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 09/25] 9pfs: forbid . and .. in file names
|
From: |
Michael Roth |
|
Subject: |
[Qemu-devel] [PATCH 09/25] 9pfs: forbid . and .. in file names |
|
Date: |
Tue, 20 Sep 2016 12:05:25 -0500 |
From: Greg Kurz <address@hidden>
According to the 9P spec http://man.cat-v.org/plan_9/5/open about the
create request:
The names . and .. are special; it is illegal to create files with these
names.
This patch causes the create and lcreate requests to fail with EINVAL if
the file name is either "." or "..".
Even if it isn't explicitly written in the spec, this patch extends the
checking to all requests that may cause a directory entry to be created:
- mknod
- rename
- renameat
- mkdir
- link
- symlink
The unlinkat request also gets patched for consistency (even if
rmdir("foo/..") is expected to fail according to POSIX.1-2001).
The various error values come from the linux manual pages.
Suggested-by: Peter Maydell <address@hidden>
Signed-off-by: Greg Kurz <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
(cherry picked from commit 805b5d98c649d26fc44d2d7755a97f18e62b438a)
Signed-off-by: Michael Roth <address@hidden>
---
hw/9pfs/9p.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 51 insertions(+)
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 53c466b..1e96427 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -1495,6 +1495,11 @@ static void v9fs_lcreate(void *opaque)
goto out_nofid;
}
+ if (!strcmp(".", name.data) || !strcmp("..", name.data)) {
+ err = -EEXIST;
+ goto out_nofid;
+ }
+
fidp = get_fid(pdu, dfid);
if (fidp == NULL) {
err = -ENOENT;
@@ -2085,6 +2090,11 @@ static void v9fs_create(void *opaque)
goto out_nofid;
}
+ if (!strcmp(".", name.data) || !strcmp("..", name.data)) {
+ err = -EEXIST;
+ goto out_nofid;
+ }
+
fidp = get_fid(pdu, fid);
if (fidp == NULL) {
err = -EINVAL;
@@ -2255,6 +2265,11 @@ static void v9fs_symlink(void *opaque)
goto out_nofid;
}
+ if (!strcmp(".", name.data) || !strcmp("..", name.data)) {
+ err = -EEXIST;
+ goto out_nofid;
+ }
+
dfidp = get_fid(pdu, dfid);
if (dfidp == NULL) {
err = -EINVAL;
@@ -2334,6 +2349,11 @@ static void v9fs_link(void *opaque)
goto out_nofid;
}
+ if (!strcmp(".", name.data) || !strcmp("..", name.data)) {
+ err = -EEXIST;
+ goto out_nofid;
+ }
+
dfidp = get_fid(pdu, dfid);
if (dfidp == NULL) {
err = -ENOENT;
@@ -2422,6 +2442,16 @@ static void v9fs_unlinkat(void *opaque)
goto out_nofid;
}
+ if (!strcmp(".", name.data)) {
+ err = -EINVAL;
+ goto out_nofid;
+ }
+
+ if (!strcmp("..", name.data)) {
+ err = -ENOTEMPTY;
+ goto out_nofid;
+ }
+
dfidp = get_fid(pdu, dfid);
if (dfidp == NULL) {
err = -EINVAL;
@@ -2534,6 +2564,11 @@ static void v9fs_rename(void *opaque)
goto out_nofid;
}
+ if (!strcmp(".", name.data) || !strcmp("..", name.data)) {
+ err = -EISDIR;
+ goto out_nofid;
+ }
+
fidp = get_fid(pdu, fid);
if (fidp == NULL) {
err = -ENOENT;
@@ -2651,6 +2686,12 @@ static void v9fs_renameat(void *opaque)
goto out_err;
}
+ if (!strcmp(".", old_name.data) || !strcmp("..", old_name.data) ||
+ !strcmp(".", new_name.data) || !strcmp("..", new_name.data)) {
+ err = -EISDIR;
+ goto out_err;
+ }
+
v9fs_path_write_lock(s);
err = v9fs_complete_renameat(pdu, olddirfid,
&old_name, newdirfid, &new_name);
@@ -2866,6 +2907,11 @@ static void v9fs_mknod(void *opaque)
goto out_nofid;
}
+ if (!strcmp(".", name.data) || !strcmp("..", name.data)) {
+ err = -EEXIST;
+ goto out_nofid;
+ }
+
fidp = get_fid(pdu, fid);
if (fidp == NULL) {
err = -ENOENT;
@@ -3022,6 +3068,11 @@ static void v9fs_mkdir(void *opaque)
goto out_nofid;
}
+ if (!strcmp(".", name.data) || !strcmp("..", name.data)) {
+ err = -EEXIST;
+ goto out_nofid;
+ }
+
fidp = get_fid(pdu, fid);
if (fidp == NULL) {
err = -ENOENT;
--
1.9.1
- [Qemu-devel] [PATCH 00/25] Patch Round-up for stable 2.6.2, freeze on 2016-08-26, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 11/25] virtio: zero vq->inuse in virtio_reset(), Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 09/25] 9pfs: forbid . and .. in file names,
Michael Roth <=
- [Qemu-devel] [PATCH 10/25] 9pfs: handle walk of ".." in the root directory, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 12/25] virtio-balloon: discard virtqueue element on reset, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 13/25] vnc: fix qemu crash because of SIGSEGV, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 14/25] 9pfs: fix potential segfault during walk, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 15/25] scsi: mptsas: use g_new0 to allocate MPTSASRequest object, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 22/25] crypto: ensure XTS is only used with ciphers with 16 byte blocks, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 16/25] scsi: pvscsi: limit process IO loop to ring size, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 18/25] scsi-disk: change disk serial length from 20 to 36, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 17/25] qemu-char: avoid segfault if user lacks of permisson of a given logfile, Michael Roth, 2016/09/20
- [Qemu-devel] [PATCH 20/25] scsi: mptconfig: fix an assert expression, Michael Roth, 2016/09/20