Date: Tue, 02 Jun 2009 13:31:24 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Bruce Evans <bde@zeta.org.au> Cc: freebsd-hackers@FreeBSD.org, Jakub Lach <jakub_lach@mailplus.pl> Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability Message-ID: <86oct6rhwz.fsf@ds4.des.no> In-Reply-To: <20090530033902.Q6382@delplex.bde.org> (Bruce Evans's message of "Sat, 30 May 2009 04:17:43 %2B1000 (EST)") References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <20090527233110.E4243@delplex.bde.org> <86r5yaijef.fsf@ds4.des.no> <20090529210855.V1643@besplex.bde.org> <86vdnju9z1.fsf@ds4.des.no> <86r5y7u9r3.fsf@ds4.des.no> <20090530033902.Q6382@delplex.bde.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Bruce Evans <bde@zeta.org.au> writes:
> This comment could do with some rewording to emphasize inheritance of the
> flag and to improve the grammar of the comment.
Suggestions? For reference, here's the entire comment:
/*
* Replace multiple slashes by a single slash and trailing slashes
* by a null. This must be done before VOP_LOOKUP() because some
* fs's don't know about trailing slashes. Remember if there were
* trailing slashes to handle symlinks, existing non-directories
* and non-existing files that won't be directories specially later.
*/
>> - if (*cp =3D=3D '\0' && trailing_slash &&
>> + if (*cp =3D=3D '\0' && (cnp->cn_flags & TRAILINGSLASH) &&
>> !(cnp->cn_flags & WILLBEDIR)) {
>> error =3D ENOENT;
>> goto bad;
>
> Try replacing *cp =3D=3D '\0' by (cnp->cn_flags & ISLASTCN) and maybe com=
bine
> the flags tests. Apparently I hacked in the *cp test because I didn't
> quite understand ISLASTCN.
Is the test necessary at all? Cf. Eygene's comment.
DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86oct6rhwz.fsf>