proc: reject "." and ".." as filenames
Various subsystems can create files and directories in /proc with names directly controlled by userspace. Which means "/", "." and ".." are no-no. "/" split is already taken care of, do the other 2 prohibited names. Link: http://lkml.kernel.org/r/20180310001223.GB12443@avx2 Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Acked-by: Florian Westphal <fw@strlen.de> Cc: Eric Dumazet <eric.dumazet@gmail.com> Cc: Cong Wang <xiyou.wangcong@gmail.com> Cc: Pavel Machek <pavel@ucw.cz> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
5de3d401b7
commit
b77d70db65
|
@ -366,6 +366,14 @@ static struct proc_dir_entry *__proc_create(struct proc_dir_entry **parent,
|
|||
WARN(1, "name len %u\n", qstr.len);
|
||||
return NULL;
|
||||
}
|
||||
if (qstr.len == 1 && fn[0] == '.') {
|
||||
WARN(1, "name '.'\n");
|
||||
return NULL;
|
||||
}
|
||||
if (qstr.len == 2 && fn[0] == '.' && fn[1] == '.') {
|
||||
WARN(1, "name '..'\n");
|
||||
return NULL;
|
||||
}
|
||||
if (*parent == &proc_root && name_to_int(&qstr) != ~0U) {
|
||||
WARN(1, "create '/proc/%s' by hand\n", qstr.name);
|
||||
return NULL;
|
||||
|
|
Loading…
Reference in New Issue