From 05117ed2887ee1535978170cd06596ee015951f4 Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Tue, 12 Dec 2023 20:26:30 +0800
Subject: [PATCH 53/64] prevent the parent dir from being bind mounted to the
 subdir

Signed-off-by: zhongtao <zhongtao17@huawei.com>
---
 src/utils/tar/util_archive.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/src/utils/tar/util_archive.c b/src/utils/tar/util_archive.c
index e8fad391..29c2bc03 100644
--- a/src/utils/tar/util_archive.c
+++ b/src/utils/tar/util_archive.c
@@ -182,6 +182,26 @@ unlock_out:
     return ret;
 }
 
+static int is_parent_directory(const char *parent_path, const char *child_path)
+{
+    size_t parent_len = strlen(parent_path);
+    size_t child_len = strlen(child_path);
+
+    if (parent_len == 0 || child_len == 0 || parent_len >= child_len) {
+        return -1;
+    }
+
+    if (strncmp(parent_path, child_path, parent_len) != 0) {
+        return -1;
+    }
+
+    if (child_path[parent_len] != '/') {
+        return -1;
+    }
+
+    return 0;
+}
+
 static int make_safedir_is_noexec(const char *flock_path, const char *dstdir, char **safe_dir)
 {
     struct stat buf;
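Review bot: `is_parent_directory` compares the two strings purely lexically, so a `parent_path` that ends in `/` is never reported as a parent: after the prefix match, `child_path[parent_len]` is the first character of the next component rather than `/`. Paths that differ only by `//`, `.`/`..` segments or symlinks slip through the same way. Whether `dstdir` and `tmp_dir` are already cleaned before the call is not visible in this hunk, so either state that precondition in a comment above the function or trim trailing slashes before comparing, e.g. `while (parent_len > 1 && parent_path[parent_len - 1] == '/') parent_len--;` (the root `/` would still need its own case). Returning 0 for "is a parent" and -1 for "is not" from an `is_` predicate reads inverted at the call site; a `bool` return would be clearer.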
@@ -235,6 +255,12 @@ static int make_safedir_is_noexec(const char *flock_path, const char *dstdir, ch
         return -1;
     }
 
+    // prevent the parent directory from being bind mounted to the subdirectory
+    if (is_parent_directory(dstdir, tmp_dir) == 0) {
+        ERROR("Cannot bind mount the parent directory: %s to its subdirectory: %s", dstdir, tmp_dir);
+        return -1;
+    }
+
     if (bind_mount_with_flock(flock_path, dstdir, tmp_dir) != 0) {
         ERROR("Failed to bind mount from %s to %s with flock", dstdir, tmp_dir);
         if (util_path_remove(tmp_dir) != 0) {
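Review bot: The new early `return -1` after `is_parent_directory(dstdir, tmp_dir) == 0` skips the cleanup that the bind-mount failure path just below performs with `util_path_remove(tmp_dir)`. If `tmp_dir` has already been created and allocated at this point, which the neighbouring error path suggests but the hunk does not show, each rejected request leaves a stale directory behind and may leak the string. Consider calling `util_path_remove(tmp_dir)` before returning here as well, or routing both failures through one cleanup label. `make_safedir_is_noexec` starts and ends outside this hunk, so the ownership of `tmp_dir` should be checked against the full function.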
-- 
2.42.0