mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a33eda0dd9
qemu/hw/9pfs
History
Greg Kurz a33eda0dd9 9pfs: local: utimensat: don't follow symlinks 
The local_utimensat() callback is vulnerable to symlink attacks because it
calls qemu_utimens()->utimensat(AT_SYMLINK_NOFOLLOW) which follows symbolic
links in all path elements but the rightmost one or qemu_utimens()->utimes()
which follows symbolic links for all path elements.

This patch converts local_utimensat() to rely on opendir_nofollow() and
utimensat(AT_SYMLINK_NOFOLLOW) directly instead of using qemu_utimens().
It is hence assumed that the OS supports utimensat(), i.e. has glibc 2.6
or higher and linux 2.6.22 or higher, which seems reasonable nowadays.

This partly fixes CVE-2016-9602.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-02-28 11:21:15 +01:00
..
9p-handle.c 9pfs: add cleanup operation for handle backend driver 2016-11-23 13:53:34 +01:00
9p-local.c 9pfs: local: utimensat: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-local.h 9pfs: local: open/opendir: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-posix-acl.c 9pfs: local: lremovexattr: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-proxy.c 9pfs: add cleanup operation for proxy backend driver 2016-11-23 13:53:34 +01:00
9p-proxy.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
9p-synth.c 9p: synth: drop v9fs_ prefix 2016-07-01 14:38:54 +02:00
9p-synth.h 9pfs: fsdev: drop useless extern annotation for functions 2016-10-17 14:13:58 +02:00
9p-util.c 9pfs: local: lgetxattr: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-util.h 9pfs: local: lsetxattr: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-xattr-user.c 9pfs: local: lremovexattr: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-xattr.c 9pfs: local: lremovexattr: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-xattr.h 9pfs: local: lremovexattr: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p.c coroutine-lock: add mutex argument to CoQueue APIs 2017-02-21 11:39:40 +00:00
9p.h 9pfs: fix P9_NOTAG and P9_NOFID macros 2017-01-03 17:28:44 +01:00
codir.c 9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch] 2016-10-17 14:13:58 +02:00
cofile.c 9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch] 2016-10-17 14:13:58 +02:00
cofs.c 9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch] 2016-10-17 14:13:58 +02:00
coth.c coroutine: move entry argument to qemu_coroutine_create 2016-07-13 13:26:02 +02:00
coth.h 9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch] 2016-10-17 14:13:58 +02:00
coxattr.c 9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch] 2016-10-17 14:13:58 +02:00
Makefile.objs 9pfs: introduce relative_openat_nofollow() helper 2017-02-28 11:21:15 +01:00
trace-events 9pfs: limit xattr size in xattrcreate 2016-11-01 12:03:02 +01:00
virtio-9p-device.c 9pfs: introduce init_out/in_iov_from_pdu 2017-01-03 17:28:44 +01:00
virtio-9p.h 9pfs: introduce transport specific callbacks 2017-01-03 17:28:44 +01:00