Restrict filesystem creation if name referred either '.' or '..'

author Tulsi Jain <TulsiJain@users.noreply.github.com>

Thu, 13 Jun 2019 15:56:15 +0000 (08:56 -0700)

committer Brian Behlendorf <behlendorf1@llnl.gov>

Thu, 13 Jun 2019 15:56:15 +0000 (08:56 -0700)
author Tulsi Jain <TulsiJain@users.noreply.github.com>
Thu, 13 Jun 2019 15:56:15 +0000 (08:56 -0700)
committer Brian Behlendorf <behlendorf1@llnl.gov>
Thu, 13 Jun 2019 15:56:15 +0000 (08:56 -0700)
diff --git a/include/zfs_namecheck.h b/include/zfs_namecheck.h

index 527db92b0cfa6e2a8c91ba5516e66c1cb82a7da4..56d3d36f026edb607fe3199f2734be9e9c90dcc4 100644 (file)
--- a/include/zfs_namecheck.h
+++ b/include/zfs_namecheck.h
@@ -43,6 +43,8 @@ typedef enum {
         NAME_ERR_RESERVED,              /* entire name is reserved */
         NAME_ERR_DISKLIKE,              /* reserved disk name (c[0-9].*) */
         NAME_ERR_TOOLONG,               /* name is too long */
+       NAME_ERR_SELF_REF,              /* reserved self path name ('.') */
+       NAME_ERR_PARENT_REF,            /* reserved parent path name ('..') */
         NAME_ERR_NO_AT,                 /* permission set is missing '@' */
  } namecheck_err_t;
  
diff --git a/lib/libzfs/libzfs_dataset.c b/lib/libzfs/libzfs_dataset.c

index 93af50b99cdd60ba547de539ea85b3ca0cadfd62..3be205f1f4377ed6649007b94cd7442de1736565 100644 (file)
--- a/lib/libzfs/libzfs_dataset.c
+++ b/lib/libzfs/libzfs_dataset.c
@@ -197,6 +197,16 @@ zfs_validate_name(libzfs_handle_t *hdl, const char *path, int type,
                                     "reserved disk name"));
                                 break;
  
+                       case NAME_ERR_SELF_REF:
+                               zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
+                                   "self reference, '.' is found in name"));
+                               break;
+
+                       case NAME_ERR_PARENT_REF:
+                               zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
+                                   "parent reference, '..' is found in name"));
+                               break;
+
                         default:
                                 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
                                     "(%d) not defined"), why);
diff --git a/module/zcommon/zfs_namecheck.c b/module/zcommon/zfs_namecheck.c

index 58b23b0e00b0b11a2301afb14221fffa948e3669..b1e0de6d81810c0aed118919a11c8b2b8e597c89 100644 (file)
--- a/module/zcommon/zfs_namecheck.c
+++ b/module/zcommon/zfs_namecheck.c
@@ -232,6 +232,27 @@ entity_namecheck(const char *path, namecheck_err_t *why, char *what)
                         }
                 }
  
+               if (*end == '\0' || *end == '/') {
+                       int component_length = end - start;
+                       /* Validate the contents of this component is not '.' */
+                       if (component_length == 1) {
+                               if (start[0] == '.') {
+                                       if (why)
+                                               *why = NAME_ERR_SELF_REF;
+                                       return (-1);
+                               }
+                       }
+
+                       /* Validate the content of this component is not '..' */
+                       if (component_length == 2) {
+                               if (start[0] == '.' && start[1] == '.') {
+                                       if (why)
+                                               *why = NAME_ERR_PARENT_REF;
+                                       return (-1);
+                               }
+                       }
+               }
+
                 /* Snapshot or bookmark delimiter found */
                 if (*end == '@' || *end == '#') {
                         /* Multiple delimiters are not allowed */
diff --git a/tests/zfs-tests/tests/functional/cli_root/zfs_create/zfs_create_009_neg.ksh b/tests/zfs-tests/tests/functional/cli_root/zfs_create/zfs_create_009_neg.ksh

index b8190626c7b38e02a92d13a38e9abd014b7335a5..63f5e595ea38d4f1a22a37b664c498f398ab39a2 100755 (executable)
--- a/tests/zfs-tests/tests/functional/cli_root/zfs_create/zfs_create_009_neg.ksh
+++ b/tests/zfs-tests/tests/functional/cli_root/zfs_create/zfs_create_009_neg.ksh
@@ -90,7 +90,9 @@ set -A args  "$TESTPOOL/" "$TESTPOOL//blah" "$TESTPOOL/@blah" \
         "$TESTPOOL/blah*blah" "$TESTPOOL/blah blah" \
         "-s $TESTPOOL/$TESTFS1" "-b 1092 $TESTPOOL/$TESTFS1" \
         "-b 64k $TESTPOOL/$TESTFS1" "-s -b 32k $TESTPOOL/$TESTFS1" \
-       "$TESTPOOL/$BYND_MAX_NAME" "$TESTPOOL/$BYND_NEST_LIMIT"
+       "$TESTPOOL/$BYND_MAX_NAME" "$TESTPOOL/$BYND_NEST_LIMIT" \
+       "$TESTPOOL/." "$TESTPOOL/.." "$TESTPOOL/../blah" "$TESTPOOL/./blah" \
+       "$TESTPOOL/blah/./blah" "$TESTPOOL/blah/../blah"
  
  log_assert "Verify 'zfs create <filesystem>' fails with bad <filesystem> argument."
author	Tulsi Jain <TulsiJain@users.noreply.github.com>
	Thu, 13 Jun 2019 15:56:15 +0000 (08:56 -0700)
committer	Brian Behlendorf <behlendorf1@llnl.gov>
	Thu, 13 Jun 2019 15:56:15 +0000 (08:56 -0700)
include/zfs_namecheck.h		patch \| blob \| history
lib/libzfs/libzfs_dataset.c		patch \| blob \| history
module/zcommon/zfs_namecheck.c		patch \| blob \| history
tests/zfs-tests/tests/functional/cli_root/zfs_create/zfs_create_009_neg.ksh		patch \| blob \| history