Re: [PATCH v4] ksmbd: use LOOKUP_BENEATH to prevent the out of share access

2021-09-30 0:01 GMT+09:00, Tom Talpey <tom@xxxxxxxxxx>:
> On 9/29/2021 8:40 AM, Namjae Jeon wrote:
>> 2021-09-29 0:18 GMT+09:00, Tom Talpey <tom@xxxxxxxxxx>:
>>> On 9/24/2021 11:06 AM, Hyunchul Lee wrote:
>>>> instead of removing '..' in a given path, call
>>>> kern_path with LOOKUP_BENEATH flag to prevent
>>>> the out of share access.
>>>> <snip> <snip> <snip>
>>>> -char *convert_to_nt_pathname(char *filename, char *sharepath)
>>>> +char *convert_to_nt_pathname(char *filename)
>>>>    {
>>>>    	char *ab_pathname;
>>>> -	int len, name_len;
>>>>
>>>> -	name_len = strlen(filename);
>>>> -	ab_pathname = kmalloc(name_len, GFP_KERNEL);
>>>> -	if (!ab_pathname)
>>>> -		return NULL;
>>>> -
>>>> -	ab_pathname[0] = '\\';
>>>> -	ab_pathname[1] = '\0';
>>>> +	if (strlen(filename) == 0) {
>>>> +		ab_pathname = kmalloc(2, GFP_KERNEL);
>>>> +		ab_pathname[0] = '\\';
>>>> +		ab_pathname[1] = '\0';
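Review bot: In the added `strlen(filename) == 0` branch, the result of `kmalloc(2, GFP_KERNEL)` is written through (`ab_pathname[0] = '\\';`) without a NULL check, whereas the removed code returned NULL when the allocation failed. Add `if (!ab_pathname) return NULL;` before the two stores. A short comment stating that an empty name is mapped to "\" as the share root would also document the intent questioned in the reply below.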
>>>
>>> This converts the empty filename to "\" - the volume root!?
>> "\" is relative to the share. i.e. the share root.
>
> Is that the right thing to do? Does the Samba server do this?
>
> I believe the Windows server will fail such a path, but I can't
> check right now.
I am trying to check whether Windows fails, but Windows doesn't send
FILE_ALL_INFORMATION to ksmbd...
And smbtorture of Samba has passed regardless of "/". So I probably
didn't notice such an issue. I will fix it in another patch.

Thanks for your review!

>
> Tom.
>


