On 9/29/2021 8:40 AM, Namjae Jeon wrote:
2021-09-29 0:18 GMT+09:00, Tom Talpey <tom@xxxxxxxxxx>:
On 9/24/2021 11:06 AM, Hyunchul Lee wrote:
instead of removing '..' in a given path, call
kern_path with LOOKUP_BENEATH flag to prevent
the out of share access.
<snip> <snip> <snip>
-char *convert_to_nt_pathname(char *filename, char *sharepath)
+char *convert_to_nt_pathname(char *filename)
{
char *ab_pathname;
- int len, name_len;
- name_len = strlen(filename);
- ab_pathname = kmalloc(name_len, GFP_KERNEL);
- if (!ab_pathname)
- return NULL;
-
- ab_pathname[0] = '\\';
- ab_pathname[1] = '\0';
+ if (strlen(filename) == 0) {
+ ab_pathname = kmalloc(2, GFP_KERNEL);
+ ab_pathname[0] = '\\';
+ ab_pathname[1] = '\0';
This converts the empty filename to "\" - the volume root!?
"\" is relative to the share. i.e. the share root.
Is that the right thing to do? Does the Samba server do this?
I believe the Windows server will fail such a path, but I can't
check right now.
Tom.
