Restrict filesystem creation if name referred either '.' or '..'

This change restricts filesystem creation if the given name
contains either '.' or '..'

Reviewed-by: Matt Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Richard Elling <Richard.Elling@RichardElling.com>
Signed-off-by: TulsiJain <tulsi.jain@delphix.com>
Closes #8842
Closes #8564
This commit is contained in:
Tulsi Jain 2019-06-13 08:56:15 -07:00 committed by Tony Hutter
parent 77e64c6fff
commit 19cebf0518
4 changed files with 36 additions and 1 deletions

View File

@ -43,6 +43,8 @@ typedef enum {
NAME_ERR_RESERVED, /* entire name is reserved */ NAME_ERR_RESERVED, /* entire name is reserved */
NAME_ERR_DISKLIKE, /* reserved disk name (c[0-9].*) */ NAME_ERR_DISKLIKE, /* reserved disk name (c[0-9].*) */
NAME_ERR_TOOLONG, /* name is too long */ NAME_ERR_TOOLONG, /* name is too long */
NAME_ERR_SELF_REF, /* reserved self path name ('.') */
NAME_ERR_PARENT_REF, /* reserved parent path name ('..') */
NAME_ERR_NO_AT, /* permission set is missing '@' */ NAME_ERR_NO_AT, /* permission set is missing '@' */
} namecheck_err_t; } namecheck_err_t;

View File

@ -197,6 +197,16 @@ zfs_validate_name(libzfs_handle_t *hdl, const char *path, int type,
"reserved disk name")); "reserved disk name"));
break; break;
case NAME_ERR_SELF_REF:
zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
"self reference, '.' is found in name"));
break;
case NAME_ERR_PARENT_REF:
zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
"parent reference, '..' is found in name"));
break;
default: default:
zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
"(%d) not defined"), why); "(%d) not defined"), why);

View File

@ -232,6 +232,27 @@ entity_namecheck(const char *path, namecheck_err_t *why, char *what)
} }
} }
if (*end == '\0' || *end == '/') {
int component_length = end - start;
/* Validate the contents of this component is not '.' */
if (component_length == 1) {
if (start[0] == '.') {
if (why)
*why = NAME_ERR_SELF_REF;
return (-1);
}
}
/* Validate the content of this component is not '..' */
if (component_length == 2) {
if (start[0] == '.' && start[1] == '.') {
if (why)
*why = NAME_ERR_PARENT_REF;
return (-1);
}
}
}
/* Snapshot or bookmark delimiter found */ /* Snapshot or bookmark delimiter found */
if (*end == '@' || *end == '#') { if (*end == '@' || *end == '#') {
/* Multiple delimiters are not allowed */ /* Multiple delimiters are not allowed */

View File

@ -90,7 +90,9 @@ set -A args "$TESTPOOL/" "$TESTPOOL//blah" "$TESTPOOL/@blah" \
"$TESTPOOL/blah*blah" "$TESTPOOL/blah blah" \ "$TESTPOOL/blah*blah" "$TESTPOOL/blah blah" \
"-s $TESTPOOL/$TESTFS1" "-b 1092 $TESTPOOL/$TESTFS1" \ "-s $TESTPOOL/$TESTFS1" "-b 1092 $TESTPOOL/$TESTFS1" \
"-b 64k $TESTPOOL/$TESTFS1" "-s -b 32k $TESTPOOL/$TESTFS1" \ "-b 64k $TESTPOOL/$TESTFS1" "-s -b 32k $TESTPOOL/$TESTFS1" \
"$TESTPOOL/$BYND_MAX_NAME" "$TESTPOOL/$BYND_NEST_LIMIT" "$TESTPOOL/$BYND_MAX_NAME" "$TESTPOOL/$BYND_NEST_LIMIT" \
"$TESTPOOL/." "$TESTPOOL/.." "$TESTPOOL/../blah" "$TESTPOOL/./blah" \
"$TESTPOOL/blah/./blah" "$TESTPOOL/blah/../blah"
log_assert "Verify 'zfs create <filesystem>' fails with bad <filesystem> argument." log_assert "Verify 'zfs create <filesystem>' fails with bad <filesystem> argument."