On Tue, Oct 18, 2016 at 06:02:38PM +0200, G. Campana wrote:
> ---
> virtio/9p.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 55 insertions(+)
>
> diff --git a/virtio/9p.c b/virtio/9p.c
> index 49e7c5c..c3edc20 100644
> --- a/virtio/9p.c
> +++ b/virtio/9p.c
> @@ -222,6 +222,21 @@ static bool is_dir(struct p9_fid *fid)
> return S_ISDIR(st.st_mode);
> }
>
> +/* path is always absolute */
> +static bool path_is_illegal(const char *path)
> +{
> + size_t len;
> +
> + if (strstr(path, "/../") != NULL)
> + return true;
> +
> + len = strlen(path);
> + if (len >= 3 && strcmp(path + len - 3, "/..") == 0)
> + return true;
Why not just look for ".." and ignore the slashes altogether? Then you
wouldn't need to treat the end of the string specially, either.
Will
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
