diff options
Diffstat (limited to 'recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch')
-rw-r--r-- | recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch | 73 |
1 files changed, 0 insertions, 73 deletions
diff --git a/recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch b/recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch deleted file mode 100644 index e6ef9e39..00000000 --- a/recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch +++ /dev/null @@ -1,73 +0,0 @@ -From b89658672d137ef56bd0694457b9125bf7d45ba4 Mon Sep 17 00:00:00 2001 -From: Amar Tumballi <amarts@redhat.com> -Date: Thu, 9 Aug 2018 13:00:01 +0530 -Subject: [PATCH 3/7] server-protocol: don't allow '../' path in 'name' - -This will prevent any arbitrary file creation through glusterfs -by modifying the client bits. - -Also check for the similar flaw inside posix too, so we prevent any -changes in layers in-between. - -Fixes: bz#1625095 - -Signed-off-by: Amar Tumballi <amarts@redhat.com> -Change-Id: Id9fe0ef6e86459e8ed85ab947d977f058c5ae06e - -Upstream-Status: Backport - -Fix CVE-2018-10926 -Fix CVE-2018-10927 -Fix CVE-2018-10928 -Fix CVE-2018-10929 -Fix CVE-2018-10930 - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - xlators/protocol/server/src/server-resolve.c | 12 ++++++++++++ - xlators/storage/posix/src/posix-handle.h | 6 ++++++ - 2 files changed, 18 insertions(+) - -diff --git a/xlators/protocol/server/src/server-resolve.c b/xlators/protocol/server/src/server-resolve.c -index d0126aa..aa35685 100644 ---- a/xlators/protocol/server/src/server-resolve.c -+++ b/xlators/protocol/server/src/server-resolve.c -@@ -294,6 +294,18 @@ resolve_entry_simple (call_frame_t *frame) - /* expected @parent was found from the inode cache */ - gf_uuid_copy (state->loc_now->pargfid, resolve->pargfid); - state->loc_now->parent = inode_ref (parent); -+ -+ if (strstr (resolve->bname, "../")) { -+ /* Resolving outside the parent's tree is not allowed */ -+ gf_msg (this->name, GF_LOG_ERROR, EPERM, -+ PS_MSG_GFID_RESOLVE_FAILED, -+ "%s: path sent by client not allowed", -+ resolve->bname); -+ resolve->op_ret = -1; -+ resolve->op_errno = EPERM; -+ ret = 1; -+ goto out; -+ } - state->loc_now->name = resolve->bname; - - inode = inode_grep (state->itable, parent, resolve->bname); -diff --git a/xlators/storage/posix/src/posix-handle.h b/xlators/storage/posix/src/posix-handle.h -index 9af6a7a..6e7a8d2 100644 ---- a/xlators/storage/posix/src/posix-handle.h -+++ b/xlators/storage/posix/src/posix-handle.h -@@ -217,6 +217,12 @@ - break; \ - } \ - \ -+ if (strstr (loc->name, "../")) { \ -+ gf_msg (this->name, GF_LOG_ERROR, 0, P_MSG_ENTRY_HANDLE_CREATE, \ -+ "'../' in name not allowed: (%s)", loc->name); \ -+ op_ret = -1; \ -+ break; \ -+ } \ - if (LOC_HAS_ABSPATH (loc)) { \ - MAKE_REAL_PATH (entp, this, loc->path); \ - __parp = strdupa (entp); \ --- -2.7.4 - |