Date: Sat, 19 Mar 2022 15:11:46 GMT From: Mateusz Guzik <mjg@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 6ff3e8a3165e - main - cache: add a comment about a realpath bug Message-ID: <202203191511.22JFBk9k089361@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by mjg: URL: https://cgit.FreeBSD.org/src/commit/?id=6ff3e8a3165ea580c184cfad8ebd7cffc17b0271 commit 6ff3e8a3165ea580c184cfad8ebd7cffc17b0271 Author: Mateusz Guzik <mjg@FreeBSD.org> AuthorDate: 2022-03-19 15:11:25 +0000 Commit: Mateusz Guzik <mjg@FreeBSD.org> CommitDate: 2022-03-19 15:11:25 +0000 cache: add a comment about a realpath bug --- sys/kern/vfs_cache.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index 13c84791583e..147d3075dfac 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -3119,6 +3119,17 @@ vn_getcwd(char *buf, char **retbuf, size_t *buflen) return (error); } +/* + * Canonicalize a path by walking it forward and back. + * + * BUGS: + * - Nothing guarantees the integrity of the entire chain. Consider the case + * where the path "foo/bar/baz/qux" is passed, but "bar" is moved out of + * "foo" into "quux" during the backwards walk. The result will be + * "quux/bar/baz/qux", which could not have been obtained by an incremental + * walk in userspace. Moreover, the path we return is inaccessible if the + * calling thread lacks permission to traverse "quux". + */ static int kern___realpathat(struct thread *td, int fd, const char *path, char *buf, size_t size, int flags, enum uio_seg pathseg)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202203191511.22JFBk9k089361>