Date: Wed, 3 Jun 2009 14:27:08 +0400 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: Dag-Erling Sm??rgrav <des@des.no> Cc: freebsd-hackers@FreeBSD.org, Jakub Lach <jakub_lach@mailplus.pl>, Bruce Evans <bde@zeta.org.au> Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability Message-ID: <ZuxGdg11i7%2BYzQKFs9VOfJU60%2B4@j4OYE6OL8eALCd4BvSxIfwgoxSc> In-Reply-To: <86my8pelji.fsf@ds4.des.no> References: <86prdvipwe.fsf@ds4.des.no> <20090527233110.E4243@delplex.bde.org> <86r5yaijef.fsf@ds4.des.no> <20090529210855.V1643@besplex.bde.org> <86vdnju9z1.fsf@ds4.des.no> <86r5y7u9r3.fsf@ds4.des.no> <qlE9VS4n%2BoBC3U4EHMxYsjC7RHI@XX1fo6zQUfC4h0jjRC6IBz3oNH4> <86skiiri1p.fsf@ds4.des.no> <dl%2BTldq1IjLtbwOv9fvp7D68xCc@10Ilc7MfiXA2JVIRVQpZfk7cTQ4> <86my8pelji.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Wed, Jun 03, 2009 at 11:03:45AM +0200, Dag-Erling Sm??rgrav wrote: > Isn't it clearly described in the preceding comment? Specifically, by > the first two sentences: "Replace multiple slashes by a single slash and > trailing slashes by a null. This must be done before VOP_LOOKUP() > because some fs's don't know about trailing slashes." Yes, it is clearly described. But I started to understand this description only after asking myself "what ndp->ni_next is doing here and why do we want to place '\0' to this address"? I could be a bit stupid, yeah ;)) But this code snippet can be a bit hard to read for others as well. May be not -- can't say for sure. -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ #
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ZuxGdg11i7%2BYzQKFs9VOfJU60%2B4>