On Sat, 10 Mar 2018 03:12:23 +0300 Alexey Dobriyan <adobri...@gmail.com> wrote:
> Various subsystems can create files and directories in /proc
> with names directly controlled by userspace.
>
> Which means "/", "." and ".." are no-no.
>
> "/" split is already taken care of, do the other 2 prohibited names.
>
> --- a/fs/proc/generic.c
> +++ b/fs/proc/generic.c
> @@ -366,6 +366,14 @@ static struct proc_dir_entry *__proc_create(struct
> proc_dir_entry **parent,
> WARN(1, "name len %u\n", qstr.len);
> return NULL;
> }
> + if (qstr.len == 1 && fn[0] == '.') {
> + WARN(1, "name '.'\n");
> + return NULL;
> + }
> + if (qstr.len == 2 && fn[0] == '.' && fn[1] == '.') {
> + WARN(1, "name '..'\n");
> + return NULL;
> + }
> if (*parent == &proc_root && name_to_int(&qstr) != ~0U) {
> WARN(1, "create '/proc/%s' by hand\n", qstr.name);
> return NULL;
--- a/fs/proc/generic.c~proc-reject-and-as-filenames-fix
+++ a/fs/proc/generic.c
@@ -387,10 +387,8 @@ static struct proc_dir_entry *__proc_cre
WARN(1, "name len %u\n", qstr.len);
return NULL;
}
- if (qstr.len == 1 && fn[0] == '.') {
- WARN(1, "name '.'\n");
+ if (WARN(qstr.len == 1 && fn[0] == '.', "name '.'\n"))
return NULL;
- }
if (qstr.len == 2 && fn[0] == '.' && fn[1] == '.') {
WARN(1, "name '..'\n");
return NULL;
is neater, but the whole function should be thus converted and I'll let
you decide on that.
