RepoMirrors/btrfs-progs
1
0
Fork 0
mirror of https://github.com/kdave/btrfs-progs synced 2025-04-30 06:57:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

btrfs-progs: prevent incorrect use of subvol_strip_mountpoint

Browse Source 
Add additional bound checks to prevent memory corruption on incorrect
usage of subvol_strip_mountpoint. Assert sane return value by properly
comparing the mount point to the full_path before stripping it off.

Mitigates issue: "btrfs send -p" fails if source and parent subvolumes
are on different mountpoints (memory corruption):

    https://github.com/kdave/btrfs-progs/issues/96

Note that this does not properly fix this bug, but prevents a possible
security issue by unexpected usage of "btrfs send -p".

Issue: #96
Pull-request: #98
Signed-off-by: Axel Burri <axel@tty0.ch>
Signed-off-by: David Sterba <dsterba@suse.com>
This commit is contained in:
Axel Burri 2018-02-17 16:05:34 +01:00 committed by David Sterba
parent d62bd38079
commit c5dc299aff
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
utils.c
View File

@ -2484,6 +2484,11 @@ const char *subvol_strip_mountpoint(const char *mnt, const char *full_path)
if (!len) if (!len)
return full_path; return full_path;
if ((strncmp(mnt, full_path, len) != 0) || (full_path[len] != '/')) {
error("not on mount point: %s", mnt);
exit(1);
}
if (mnt[len - 1] != '/') if (mnt[len - 1] != '/')
len += 1; len += 1;