On 08/11/2016 02:48, Will Deacon wrote:
> On Tue, Oct 18, 2016 at 06:02:38PM +0200, G. Campana wrote:
>> ---
>> virtio/9p.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
>> 1 file changed, 55 insertions(+)
>>
>> diff --git a/virtio/9p.c b/virtio/9p.c
>> index 49e7c5c..c3edc20 100644
>> --- a/virtio/9p.c
>> +++ b/virtio/9p.c
>> @@ -222,6 +222,21 @@ static bool is_dir(struct p9_fid *fid)
>> return S_ISDIR(st.st_mode);
>> }
>>
>> +/* path is always absolute */
>> +static bool path_is_illegal(const char *path)
>> +{
>> + size_t len;
>> +
>> + if (strstr(path, "/../") != NULL)
>> + return true;
>> +
>> + len = strlen(path);
>> + if (len >= 3 && strcmp(path + len - 3, "/..") == 0)
>> + return true;
>
> Why not just look for ".." and ignore the slashes altogether? Then you
> wouldn't need to treat the end of the string specially, either.
>
Because filenames and dirnames can contain the string "..". For
instance, "foo..bar" is a valid filename.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
