Diffstat (limited to 'recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch')
-rw-r--r--recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch73
1 files changed, 0 insertions, 73 deletions
diff --git a/recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch b/recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch
deleted file mode 100644
index e6ef9e39..00000000
--- a/recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From b89658672d137ef56bd0694457b9125bf7d45ba4 Mon Sep 17 00:00:00 2001
-From: Amar Tumballi <amarts@redhat.com>
-Date: Thu, 9 Aug 2018 13:00:01 +0530
-Subject: [PATCH 3/7] server-protocol: don't allow '../' path in 'name'
-
-This will prevent any arbitrary file creation through glusterfs
-by modifying the client bits.
-
-Also check for the similar flaw inside posix too, so we prevent any
-changes in layers in-between.
-
-Fixes: bz#1625095
-
-Signed-off-by: Amar Tumballi <amarts@redhat.com>
-Change-Id: Id9fe0ef6e86459e8ed85ab947d977f058c5ae06e
-
-Upstream-Status: Backport
-
-Fix CVE-2018-10926
-Fix CVE-2018-10927
-Fix CVE-2018-10928
-Fix CVE-2018-10929
-Fix CVE-2018-10930
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
----
- xlators/protocol/server/src/server-resolve.c | 12 ++++++++++++
- xlators/storage/posix/src/posix-handle.h | 6 ++++++
- 2 files changed, 18 insertions(+)
-
-diff --git a/xlators/protocol/server/src/server-resolve.c b/xlators/protocol/server/src/server-resolve.c
-index d0126aa..aa35685 100644
---- a/xlators/protocol/server/src/server-resolve.c
-+++ b/xlators/protocol/server/src/server-resolve.c
-@@ -294,6 +294,18 @@ resolve_entry_simple (call_frame_t *frame)
- /* expected @parent was found from the inode cache */
- gf_uuid_copy (state->loc_now->pargfid, resolve->pargfid);
- state->loc_now->parent = inode_ref (parent);
-+
-+ if (strstr (resolve->bname, "../")) {
-+ /* Resolving outside the parent's tree is not allowed */
-+ gf_msg (this->name, GF_LOG_ERROR, EPERM,
-+ PS_MSG_GFID_RESOLVE_FAILED,
-+ "%s: path sent by client not allowed",
-+ resolve->bname);
-+ resolve->op_ret = -1;
-+ resolve->op_errno = EPERM;
-+ ret = 1;
-+ goto out;
-+ }
- state->loc_now->name = resolve->bname;
-
- inode = inode_grep (state->itable, parent, resolve->bname);
-diff --git a/xlators/storage/posix/src/posix-handle.h b/xlators/storage/posix/src/posix-handle.h
-index 9af6a7a..6e7a8d2 100644
---- a/xlators/storage/posix/src/posix-handle.h
-+++ b/xlators/storage/posix/src/posix-handle.h
-@@ -217,6 +217,12 @@
- break; \
- } \
- \
-+ if (strstr (loc->name, "../")) { \
-+ gf_msg (this->name, GF_LOG_ERROR, 0, P_MSG_ENTRY_HANDLE_CREATE, \
-+ "'../' in name not allowed: (%s)", loc->name); \
-+ op_ret = -1; \
-+ break; \
-+ } \
- if (LOC_HAS_ABSPATH (loc)) { \
- MAKE_REAL_PATH (entp, this, loc->path); \
- __parp = strdupa (entp); \
---
-2.7.4
-