mirror of
https://github.com/torvalds/linux.git
synced 2025-11-02 09:40:27 +02:00
fs: move name_contains_dotdot() to header
Move the helper from the firmware specific code to a header so we can reuse it for coredump sockets. Link: https://lore.kernel.org/20250612-work-coredump-massage-v1-5-315c0c34ba94@kernel.org Signed-off-by: Christian Brauner <brauner@kernel.org>
This commit is contained in:
Christian Brauner
parent
3a2c977c46
commit
0da3e3822c
2 changed files with 27 additions and 20 deletions
|
|
@ -822,26 +822,6 @@ static void fw_log_firmware_info(const struct firmware *fw, const char *name,
|
|||
{}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Reject firmware file names with ".." path components.
|
||||
* There are drivers that construct firmware file names from device-supplied
|
||||
* strings, and we don't want some device to be able to tell us "I would like to
|
||||
* be sent my firmware from ../../../etc/shadow, please".
|
||||
*
|
||||
* Search for ".." surrounded by either '/' or start/end of string.
|
||||
*
|
||||
* This intentionally only looks at the firmware name, not at the firmware base
|
||||
* directory or at symlink contents.
|
||||
*/
|
||||
static bool name_contains_dotdot(const char *name)
|
||||
{
|
||||
size_t name_len = strlen(name);
|
||||
|
||||
return strcmp(name, "..") == 0 || strncmp(name, "../", 3) == 0 ||
|
||||
strstr(name, "/../") != NULL ||
|
||||
(name_len >= 3 && strcmp(name+name_len-3, "/..") == 0);
|
||||
}
|
||||
|
||||
/* called from request_firmware() and request_firmware_work_func() */
|
||||
static int
|
||||
_request_firmware(const struct firmware **firmware_p, const char *name,
|
||||
|
|
@ -862,6 +842,17 @@ _request_firmware(const struct firmware **firmware_p, const char *name,
|
|||
goto out;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Reject firmware file names with ".." path components.
|
||||
* There are drivers that construct firmware file names from
|
||||
* device-supplied strings, and we don't want some device to be
|
||||
* able to tell us "I would like to be sent my firmware from
|
||||
* ../../../etc/shadow, please".
|
||||
*
|
||||
* This intentionally only looks at the firmware name, not at
|
||||
* the firmware base directory or at symlink contents.
|
||||
*/
|
||||
if (name_contains_dotdot(name)) {
|
||||
dev_warn(device,
|
||||
"Firmware load for '%s' refused, path contains '..' component\n",
|
||||
|
|
|
|||
|
|
@ -3264,6 +3264,22 @@ static inline bool is_dot_dotdot(const char *name, size_t len)
|
|||
(len == 1 || (len == 2 && name[1] == '.'));
|
||||
}
|
||||
|
||||
/**
|
||||
* name_contains_dotdot - check if a file name contains ".." path components
|
||||
*
|
||||
* Search for ".." surrounded by either '/' or start/end of string.
|
||||
*/
|
||||
static inline bool name_contains_dotdot(const char *name)
|
||||
{
|
||||
size_t name_len;
|
||||
|
||||
name_len = strlen(name);
|
||||
return strcmp(name, "..") == 0 ||
|
||||
strncmp(name, "../", 3) == 0 ||
|
||||
strstr(name, "/../") != NULL ||
|
||||
(name_len >= 3 && strcmp(name + name_len - 3, "/..") == 0);
|
||||
}
|
||||
|
||||
#include <linux/err.h>
|
||||
|
||||
/* needed for stackable file system support */
|
||||
|
|
|
|||
Loading…
Reference in a new issue