mirror of
https://git.proxmox.com/git/mirror_zfs.git
synced 2024-11-18 02:20:59 +03:00
Restrict filesystem creation if name referred either '.' or '..'
This change restricts filesystem creation if the given name contains either '.' or '..' Reviewed-by: Matt Ahrens <mahrens@delphix.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Richard Elling <Richard.Elling@RichardElling.com> Signed-off-by: TulsiJain <tulsi.jain@delphix.com> Closes #8842 Closes #8564
This commit is contained in:
parent
77e64c6fff
commit
19cebf0518
@ -43,6 +43,8 @@ typedef enum {
|
|||||||
NAME_ERR_RESERVED, /* entire name is reserved */
|
NAME_ERR_RESERVED, /* entire name is reserved */
|
||||||
NAME_ERR_DISKLIKE, /* reserved disk name (c[0-9].*) */
|
NAME_ERR_DISKLIKE, /* reserved disk name (c[0-9].*) */
|
||||||
NAME_ERR_TOOLONG, /* name is too long */
|
NAME_ERR_TOOLONG, /* name is too long */
|
||||||
|
NAME_ERR_SELF_REF, /* reserved self path name ('.') */
|
||||||
|
NAME_ERR_PARENT_REF, /* reserved parent path name ('..') */
|
||||||
NAME_ERR_NO_AT, /* permission set is missing '@' */
|
NAME_ERR_NO_AT, /* permission set is missing '@' */
|
||||||
} namecheck_err_t;
|
} namecheck_err_t;
|
||||||
|
|
||||||
|
@ -197,6 +197,16 @@ zfs_validate_name(libzfs_handle_t *hdl, const char *path, int type,
|
|||||||
"reserved disk name"));
|
"reserved disk name"));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case NAME_ERR_SELF_REF:
|
||||||
|
zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
|
||||||
|
"self reference, '.' is found in name"));
|
||||||
|
break;
|
||||||
|
|
||||||
|
case NAME_ERR_PARENT_REF:
|
||||||
|
zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
|
||||||
|
"parent reference, '..' is found in name"));
|
||||||
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
|
zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
|
||||||
"(%d) not defined"), why);
|
"(%d) not defined"), why);
|
||||||
|
@ -232,6 +232,27 @@ entity_namecheck(const char *path, namecheck_err_t *why, char *what)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (*end == '\0' || *end == '/') {
|
||||||
|
int component_length = end - start;
|
||||||
|
/* Validate the contents of this component is not '.' */
|
||||||
|
if (component_length == 1) {
|
||||||
|
if (start[0] == '.') {
|
||||||
|
if (why)
|
||||||
|
*why = NAME_ERR_SELF_REF;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Validate the content of this component is not '..' */
|
||||||
|
if (component_length == 2) {
|
||||||
|
if (start[0] == '.' && start[1] == '.') {
|
||||||
|
if (why)
|
||||||
|
*why = NAME_ERR_PARENT_REF;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* Snapshot or bookmark delimiter found */
|
/* Snapshot or bookmark delimiter found */
|
||||||
if (*end == '@' || *end == '#') {
|
if (*end == '@' || *end == '#') {
|
||||||
/* Multiple delimiters are not allowed */
|
/* Multiple delimiters are not allowed */
|
||||||
|
@ -90,7 +90,9 @@ set -A args "$TESTPOOL/" "$TESTPOOL//blah" "$TESTPOOL/@blah" \
|
|||||||
"$TESTPOOL/blah*blah" "$TESTPOOL/blah blah" \
|
"$TESTPOOL/blah*blah" "$TESTPOOL/blah blah" \
|
||||||
"-s $TESTPOOL/$TESTFS1" "-b 1092 $TESTPOOL/$TESTFS1" \
|
"-s $TESTPOOL/$TESTFS1" "-b 1092 $TESTPOOL/$TESTFS1" \
|
||||||
"-b 64k $TESTPOOL/$TESTFS1" "-s -b 32k $TESTPOOL/$TESTFS1" \
|
"-b 64k $TESTPOOL/$TESTFS1" "-s -b 32k $TESTPOOL/$TESTFS1" \
|
||||||
"$TESTPOOL/$BYND_MAX_NAME" "$TESTPOOL/$BYND_NEST_LIMIT"
|
"$TESTPOOL/$BYND_MAX_NAME" "$TESTPOOL/$BYND_NEST_LIMIT" \
|
||||||
|
"$TESTPOOL/." "$TESTPOOL/.." "$TESTPOOL/../blah" "$TESTPOOL/./blah" \
|
||||||
|
"$TESTPOOL/blah/./blah" "$TESTPOOL/blah/../blah"
|
||||||
|
|
||||||
log_assert "Verify 'zfs create <filesystem>' fails with bad <filesystem> argument."
|
log_assert "Verify 'zfs create <filesystem>' fails with bad <filesystem> argument."
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user