git.proxmox.com Git - mirror_ubuntu-kernels.git/commit

author	Hyunchul Lee <hyc.lee@gmail.com>
	Fri, 17 Sep 2021 13:14:08 +0000 (22:14 +0900)
committer	Steve French <stfrench@microsoft.com>
	Fri, 17 Sep 2021 22:18:48 +0000 (17:18 -0500)
commit	f58eae6c5fa882d6d0a6b7587a099602a59d57b5
tree	348ec6f925414c7a37b5f5c2f94a7b0c9b5a0392	tree
parent	a9b3043de47b7f8cbe38c36aee572526665b6315	commit \| diff

ksmbd: prevent out of share access

Because of .., files outside the share directory
could be accessed. To prevent this, normalize
the given path and remove all . and ..
components.

In addition to the usual large set of regression tests (smbtorture
and xfstests), ran various tests on this to specifically check
path name validation including libsmb2 tests to verify path
normalization:

./examples/smb2-ls-async smb://172.30.1.15/homes2/../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/..bar/
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar..
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar../../../../

Signed-off-by: Hyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

fs/ksmbd/misc.c		diff \| blob \| blame \| history
fs/ksmbd/misc.h		diff \| blob \| blame \| history
fs/ksmbd/smb2pdu.c		diff \| blob \| blame \| history