[Virtio-fs] [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)
Stefan Hajnoczi
stefanha at redhat.com
Wed Feb 3 17:06:32 UTC 2021
On Wed, Feb 03, 2021 at 04:57:59PM +0100, Greg Kurz wrote:
> On Wed, 3 Feb 2021 11:37:19 +0000
> Stefan Hajnoczi <stefanha at redhat.com> wrote:
> > static int lo_do_open(struct lo_data *lo, struct lo_inode *inode,
> > - struct fuse_file_info *fi)
> > + int existing_fd, struct fuse_file_info *fi)
> > {
> > - char buf[64];
> > ssize_t fh;
> > - int fd;
> > + int fd = existing_fd;
> >
> > update_open_flags(lo->writeback, lo->allow_direct_io, fi);
> >
> > - sprintf(buf, "%i", inode->fd);
> > - fd = openat(lo->proc_self_fd, buf, fi->flags & ~O_NOFOLLOW);
> > - if (fd == -1) {
> > - return -errno;
> > + if (fd < 0) {
> > + fd = lo_inode_open(lo, inode, fi->flags);
> > + if (fd == -1) {
> > + return -errno;
> > + }
>
> lo_inode_open() returns a negative errno already so
> this should be converted to:
>
> if (fd < 0) {
> return fd;
> }
>
> Apart from that LGTM.
Thanks, will fix.
Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/virtio-fs/attachments/20210203/1dbb3858/attachment.sig>
More information about the Virtio-fs
mailing list