qemu/9pfs at ac125d993b461d4dee4d6df4d93ac3f2eb959d1d - qemu - SynapseOS git

mirrors/qemu

History

Greg Kurz ac125d993b 9pfs: local: truncate: don't follow symlinks

The local_truncate() callback is vulnerable to symlink attacks because
it calls truncate() which follows symbolic links in all path elements.

This patch converts local_truncate() to rely on open_nofollow() and
ftruncate() instead.

This partly fixes CVE-2016-9602.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>

2017-02-28 11:21:15 +01:00

..

9p-handle.c

9pfs: add cleanup operation for handle backend driver

2016-11-23 13:53:34 +01:00

9p-local.c

9pfs: local: truncate: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-local.h

9pfs: local: open/opendir: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-posix-acl.c

9pfs: local: lremovexattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-proxy.c

9pfs: add cleanup operation for proxy backend driver

2016-11-23 13:53:34 +01:00

9p-proxy.h

…

9p-synth.c

…

9p-synth.h

9pfs: fsdev: drop useless extern annotation for functions

2016-10-17 14:13:58 +02:00

9p-util.c

9pfs: local: lgetxattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-util.h

9pfs: local: lsetxattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-xattr-user.c

9pfs: local: lremovexattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-xattr.c

9pfs: local: lremovexattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-xattr.h

9pfs: local: lremovexattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p.c

coroutine-lock: add mutex argument to CoQueue APIs

2017-02-21 11:39:40 +00:00

9p.h

9pfs: fix P9_NOTAG and P9_NOFID macros

2017-01-03 17:28:44 +01:00

codir.c

9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch]

2016-10-17 14:13:58 +02:00

cofile.c

9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch]

2016-10-17 14:13:58 +02:00

cofs.c

9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch]

2016-10-17 14:13:58 +02:00

coth.c

…

coth.h

9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch]

2016-10-17 14:13:58 +02:00

coxattr.c

9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch]

2016-10-17 14:13:58 +02:00

Makefile.objs

9pfs: introduce relative_openat_nofollow() helper

2017-02-28 11:21:15 +01:00

trace-events

9pfs: limit xattr size in xattrcreate

2016-11-01 12:03:02 +01:00

virtio-9p-device.c

9pfs: introduce init_out/in_iov_from_pdu

2017-01-03 17:28:44 +01:00

virtio-9p.h

9pfs: introduce transport specific callbacks

2017-01-03 17:28:44 +01:00