On Mon, Jul 16, 2018 at 09:48:43PM +0200, Jann Horn wrote: > When you e.g. run `find` on a directory for which getdents returns > "filenames" that contain slashes, `find` passes those "filenames" back to > the kernel, which then interprets them as paths. That could conceivably > cause userspace to do something bad when accessing something like an > untrusted USB stick, but I'm not aware of any specific example. > > Instead of returning bogus filenames to userspace, return -EUCLEAN. Because there's such a lot of userland code that expect and handles that error value... I'm not sure if this mitigation is actually better than "just return it as-is", TBH.
