[master][PATCH] ifupdown: use 'replace' in ip addr/route for static_up functions
ip addr add command adds a new IP address to an interface. However, when
configuring a static IP address, it results in an error:
"RTNETLINK answers: File exists"
This causes the ifup command to fail with an exit status of 2, which can
occur if the same IP address or default route is already configured by
other means, such as through a kernel command line in NFS root
environments.
To solve this, the ip addr replace and ip route replace commands are
used instead. These commands either add the IP address or route if they
do not exist, or replace them if they do, without raising an error. This
ensures that ifup does not fail when the IP address or route is already
present.
Signed-off-by: Valeria Petrov
---
networking/ifupdown.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/networking/ifupdown.c b/networking/ifupdown.c
index 9c3640be7..9379dda30 100644
--- a/networking/ifupdown.c
+++ b/networking/ifupdown.c
@@ -484,10 +484,10 @@ static int FAST_FUNC static_up6(struct interface_defn_t
*ifd, execfn *exec)
{
int result;
# if ENABLE_FEATURE_IFUPDOWN_IP
- result = execute("ip addr add %address%/%netmask% dev %iface%[[ label
%label%]]", ifd, exec);
+ result = execute("ip addr replace %address%/%netmask% dev %iface%[[
label %label%]]", ifd, exec);
result += execute("ip link set[[ mtu %mtu%]][[ addr %hwaddress%]]
%iface% up", ifd, exec);
/* Reportedly, IPv6 needs "dev %iface%", but IPv4 does not: */
- result += execute("[[ip route add ::/0 via %gateway% dev %iface%]][[
metric %metric%]]", ifd, exec);
+ result += execute("[[ip route replace ::/0 via %gateway% dev
%iface%]][[ metric %metric%]]", ifd, exec);
# else
result = execute("ifconfig %iface%[[ media %media%]][[ hw
%hwaddress%]][[ mtu %mtu%]] up", ifd, exec);
result += execute("ifconfig %iface% add %address%/%netmask%", ifd,
exec);
@@ -574,10 +574,10 @@ static int FAST_FUNC static_up(struct interface_defn_t
*ifd, execfn *exec)
{
int result;
# if ENABLE_FEATURE_IFUPDOWN_IP
- result = execute("ip addr add %address%/%bnmask%[[ broadcast
%broadcast%]] "
+ result = execute("ip addr replace %address%/%bnmask%[[ broadcast
%broadcast%]] "
"dev %iface%[[ peer %pointopoint%]][[ label %label%]]",
ifd, exec);
result += execute("ip link set[[ mtu %mtu%]][[ addr %hwaddress%]]
%iface% up", ifd, exec);
- result += execute("[[ip route add default via %gateway% dev %iface%[[
metric %metric%", ifd, exec);
+ result += execute("[[ip route replace default via %gateway% dev
%iface%[[ metric %metric%", ifd, exec);
return ((result == 3) ? 3 : 0);
# else
/* ifconfig said to set iface up before it processes hw %hwaddress%,
--
2.25.1
___
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[RESEND(4) PATCH] archival: disallow path traversals (CVE-2023-39810)
Create new configure option for archival/libarchive based extractions to
disallow path traversals.
As this is a paranoid option and might introduce backward
incompatibiltiy, default it to no.
Fixes: CVE-2023-39810
Signed-off-by: Peter Kaestle
Reviewed-by: Samuel Sapalski
---
archival/Config.src| 7 +++
archival/libarchive/data_extract_all.c | 22 ++
testsuite/cpio.tests | 18 ++
3 files changed, 47 insertions(+)
diff --git a/archival/Config.src b/archival/Config.src
index 6f4f30c43..ac9d3db95 100644
--- a/archival/Config.src
+++ b/archival/Config.src
@@ -35,4 +35,11 @@ config FEATURE_LZMA_FAST
This option reduces decompression time by about 25% at the cost of
a 1K bigger binary.
+config FEATURE_PATH_TRAVERSAL_PROTECTION
+ bool "enable path traversal protection"
+ default n
+ help
+ This option will disallow extraction of files outside of the
+ destination directory.
+
endmenu
diff --git a/archival/libarchive/data_extract_all.c
b/archival/libarchive/data_extract_all.c
index 049c2c156..cb5d5c4ca 100644
--- a/archival/libarchive/data_extract_all.c
+++ b/archival/libarchive/data_extract_all.c
@@ -66,6 +66,28 @@ void FAST_FUNC data_extract_all(archive_handle_t
*archive_handle)
}
#endif
+#if ENABLE_FEATURE_PATH_TRAVERSAL_PROTECTION
+ if (strstr(dst_name, "../")) {
+ char *resolved_dst_path, *cwd;
+
+ cwd = getcwd(NULL, 0);
+
+ resolved_dst_path = xmalloc_realpath_coreutils(dst_name);
+ if (resolved_dst_path) {
+ if (strncmp(cwd, resolved_dst_path, strlen(cwd))) {
+ errno = 0; /* suppress missleading error prints
*/
+ free(resolved_dst_path);
+ bb_perror_msg_and_die("path traversal detected:
%s",
+ dst_name);
+ }
+ free(resolved_dst_path);
+ } else {
+ bb_perror_msg_and_die("cannot allocate memory for real
path: %s",
+ dst_name);
+ }
+ }
+#endif
+
if (archive_handle->ah_flags & ARCHIVE_CREATE_LEADING_DIRS) {
char *slash = strrchr(dst_name, '/');
if (slash) {
diff --git a/testsuite/cpio.tests b/testsuite/cpio.tests
index 85e746589..1c0b75297 100755
--- a/testsuite/cpio.tests
+++ b/testsuite/cpio.tests
@@ -154,6 +154,24 @@ testing "cpio -R with extract" \
" "" ""
SKIP=
+optional FEATURE_PATH_TRAVERSAL_PROTECTION
+rm -rf cpio.testdir
+mkdir -p cpio.testdir/prepare/inner
+echo "file outside of destination was written" >
cpio.testdir/prepare/dont_write
+echo "data" > cpio.testdir/prepare/inner/to_extract
+mkdir -p cpio.testdir/extract
+testing "cpio extract file outside of destination" \
+"(cd cpio.testdir/prepare/inner && echo -e '../dont_write\nto_extract' | cpio
-H newc --create) |
+(cd cpio.testdir/extract && cpio -vi 2>&1);
+echo \$?;
+ls cpio.testdir/dont_write 2>&1" \
+"\
+cpio: path traversal detected: ../dont_write
+1
+ls: cpio.testdir/dont_write: No such file or directory
+" "" ""
+SKIP=
+
# Clean up
rm -rf cpio.testdir cpio.testdir2 2>/dev/null
--
2.42.0
___
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
