git.baikalelectronics.ru Git - kernel.git/commit

author	Hyunchul Lee <hyc.lee@gmail.com>
	Fri, 17 Sep 2021 13:14:08 +0000 (22:14 +0900)
committer	Steve French <stfrench@microsoft.com>
	Fri, 17 Sep 2021 22:18:48 +0000 (17:18 -0500)
commit	e8ddfaf92d90f48f4644344fa741d400e5c18283
tree	348ec6f925414c7a37b5f5c2f94a7b0c9b5a0392	tree \| snapshot
parent	6237a5f26894b4d5b5d7ba625944748fa5957775	commit \| diff

ksmbd: prevent out of share access

Because of .., files outside the share directory
could be accessed. To prevent this, normalize
the given path and remove all . and ..
components.

In addition to the usual large set of regression tests (smbtorture
and xfstests), ran various tests on this to specifically check
path name validation including libsmb2 tests to verify path
normalization:

./examples/smb2-ls-async smb://172.30.1.15/homes2/../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/..bar/
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar..
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar../../../../

Signed-off-by: Hyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

fs/ksmbd/misc.c		diff \| blob \| history
fs/ksmbd/misc.h		diff \| blob \| history
fs/ksmbd/smb2pdu.c		diff \| blob \| history