]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commit
ksmbd: prevent out of share access
authorHyunchul Lee <hyc.lee@gmail.com>
Fri, 17 Sep 2021 13:14:08 +0000 (22:14 +0900)
committerSteve French <stfrench@microsoft.com>
Fri, 17 Sep 2021 22:18:48 +0000 (17:18 -0500)
commitf58eae6c5fa882d6d0a6b7587a099602a59d57b5
tree348ec6f925414c7a37b5f5c2f94a7b0c9b5a0392
parenta9b3043de47b7f8cbe38c36aee572526665b6315
ksmbd: prevent out of share access

Because of .., files outside the share directory
could be accessed. To prevent this, normalize
the given path and remove all . and ..
components.

In addition to the usual large set of regression tests (smbtorture
and xfstests), ran various tests on this to specifically check
path name validation including libsmb2 tests to verify path
normalization:

 ./examples/smb2-ls-async smb://172.30.1.15/homes2/../
 ./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../
 ./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../../
 ./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../
 ./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/..bar/
 ./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar../
 ./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar..
 ./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar../../../../

Signed-off-by: Hyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/ksmbd/misc.c
fs/ksmbd/misc.h
fs/ksmbd/smb2pdu.c