Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 16 Feb 2001 17:38:42 +0100 (MEZ)
From:      Patrick Guelat <Patrick.Guelat@imp.ch>
To:        freebsd-current@FreeBSD.ORG
Cc:        Patrick.Guelat@imp.ch
Subject:   Fix for mountpath len, 2nd edition
Message-ID:  <200102161638.f1GGcgH308978@harem.imp.ch>

next in thread | raw e-mail | index | archive | help

Here is another version of the MNAMELEN mount fix. Comments ?

	Patrick
--
Patrick Guelat, ImproWare AG Network Services, CH-4133 Pratteln
Mail: patg@imp.ch - Phone: +41 61 826 93 00 (ext: 13)
-------------------------------------------------------------------------------

*** sys/kern/vfs_syscalls.c	Fri Feb  9 07:09:52 2001
--- sys/kern/vfs_syscalls.c~	Fri Feb 16 16:31:59 2001
***************
*** 121,126 ****
--- 121,128 ----
  	struct vattr va;
  	struct nameidata nd;
  	char fstypename[MFSNAMELEN];
+ 	char mountpoint[MAXPATHLEN];
+ 	size_t mplen;
  
  	if (usermount == 0 && (error = suser(p)))
  		return (error);
***************
*** 138,147 ****
  	if (suser_xxx(p->p_ucred, 0, 0)) 
  		SCARG(uap, flags) |= MNT_NOSUID | MNT_NODEV;
  	/*
  	 * Get vnode to be covered
  	 */
! 	NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,
! 	    SCARG(uap, path), p);
  	if ((error = namei(&nd)) != 0)
  		return (error);
  	NDFREE(&nd, NDF_ONLY_PNBUF);
--- 140,157 ----
  	if (suser_xxx(p->p_ucred, 0, 0)) 
  		SCARG(uap, flags) |= MNT_NOSUID | MNT_NODEV;
  	/*
+ 	 * Limit pathnamelength to MNAMELEN
+ 	 */
+ 	error = copyinstr(SCARG(uap, path), mountpoint, MAXPATHLEN, &mplen);
+ 	if(!error && mplen>MNAMELEN)
+ 		error = ENAMETOOLONG;
+ 	if(error)
+ 		return (error);
+ 	/*
  	 * Get vnode to be covered
  	 */
! 	NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE,
! 	    mountpoint, p);
  	if ((error = namei(&nd)) != 0)
  		return (error);
  	NDFREE(&nd, NDF_ONLY_PNBUF);


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102161638.f1GGcgH308978>