Re: [PATCH] fs: don't let getdents return bogus names

[PATCH] fs: don't let getdents return bogus names · Jann Horn <jannh@google.com> · 2018-07-16
Re: [PATCH] fs: don't let getdents return bogus names · Al Viro <viro@ZenIV.linux.org.uk> · 2018-07-16
Re: [PATCH] fs: don't let getdents return bogus names · Jann Horn <jannh@google.com> · 2018-07-16
Re: [PATCH] fs: don't let getdents return bogus names · Dave Chinner <david@fromorbit.com> · 2018-07-19
Re: [PATCH] fs: don't let getdents return bogus names · Pavel Machek <hidden> · 2018-07-29
Re: [PATCH] fs: don't let getdents return bogus names · kbuild test robot <hidden> · 2018-07-16
Re: [PATCH] fs: don't let getdents return bogus names · kbuild test robot <hidden> · 2018-07-16

From: Al Viro <viro@ZenIV.linux.org.uk>
Date: 2018-07-16 20:26:02
Also in: linux-fsdevel, lkml

On Mon, Jul 16, 2018 at 09:48:43PM +0200, Jann Horn wrote:

When you e.g. run `find` on a directory for which getdents returns
"filenames" that contain slashes, `find` passes those "filenames" back to
the kernel, which then interprets them as paths. That could conceivably
cause userspace to do something bad when accessing something like an
untrusted USB stick, but I'm not aware of any specific example.

Instead of returning bogus filenames to userspace, return -EUCLEAN.

Because there's such a lot of userland code that expect and handles that
error value...

I'm not sure if this mitigation is actually better than "just return it
as-is", TBH.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help