CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Dag-Erling Smørgrav <des@FreeBSD.org>
	Wed, 6 Mar 2024 16:13:42 +0000 (17:13 +0100)
committer	Dag-Erling Smørgrav <des@FreeBSD.org>
	Wed, 6 Mar 2024 16:13:42 +0000 (17:13 +0100)
commit	38b3683592d4c20a74f52a6e8e29368e6fa61858
tree	2a39041cb73d7d997eedb439e3e9f7e2620c4c0b	tree \| snapshot
parent	d0168b32bc67033414e43f07eff2a4e850652c29	commit \| diff

tarfs: Fix two input validation issues.

* Reject hard or soft links with an empty target path.  Currently, a
  debugging kernel will hit an assertion in tarfs_lookup_path() while
  a non-debugging kernel will happily create a link to the mount root.

* Use a temporary variable to store the result of the link target path,
  and copy it to tnp->other only once we have found it to be valid.
  Otherwise we error out after creating a reference to the target but
  before incrementing the target's reference count, which results in a
  use-after-free situation in the cleanup code.

* Correctly return ENOENT from tarfs_lookup_path() if the requested
  path was not found and create_dirs is false.  Luckily, existing
  callers did not rely solely on the return value.

MFC after: 3 days
PR: 277360
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: sjg
Differential Revision: https://reviews.freebsd.org/D44161

sys/fs/tarfs/tarfs_vfsops.c		diff \| blob \| history
tests/sys/fs/tarfs/Makefile		diff \| blob \| history
tests/sys/fs/tarfs/tarfs_test.sh		diff \| blob \| history
tests/sys/fs/tarfs/tarsum.c	[new file with mode: 0644]	blob