From 05ff4729e0a8bb1a67957c20d18e3097ac6003c1 Mon Sep 17 00:00:00 2001 From: Wang Shilong Date: Tue, 19 Apr 2016 12:19:30 +0800 Subject: [PATCH] LU-8037 fileset: reject dotdot as a path component Administrator might access Lustre internal files by using dotdot path for example: mount -t lustre ip@tcp:/lustre/.. /mnt/lustre Signed-off-by: Wang Shilong Change-Id: I137e12aa3f2feacb8549eb85f966c9dc8426f3af Reviewed-on: http://review.whamcloud.com/19646 Tested-by: Jenkins Tested-by: Maloo Reviewed-by: Andreas Dilger Reviewed-by: John L. Hammond Reviewed-by: Li Xi Reviewed-by: Oleg Drokin --- lustre/mdt/mdt_handler.c | 8 ++++++++ lustre/tests/sanity.sh | 16 ++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/lustre/mdt/mdt_handler.c b/lustre/mdt/mdt_handler.c index 95ac27e..47c8a17 100644 --- a/lustre/mdt/mdt_handler.c +++ b/lustre/mdt/mdt_handler.c @@ -312,6 +312,14 @@ static int mdt_lookup_fileset(struct mdt_thread_info *info, const char *fileset, rc = -EINVAL; break; } + + /* reject .. as a path component */ + if (lname->ln_namelen == 2 && + strncmp(s1, "..", 2) == 0) { + rc = -EINVAL; + break; + } + strncpy(name, s1, lname->ln_namelen); name[lname->ln_namelen] = '\0'; diff --git a/lustre/tests/sanity.sh b/lustre/tests/sanity.sh index 8a96be6..81a3532 100644 --- a/lustre/tests/sanity.sh +++ b/lustre/tests/sanity.sh @@ -13566,6 +13566,22 @@ test_247d() { } run_test 247d "running fid2path inside root" +# LU-8037 +test_247e() { + lctl get_param -n mdc.$FSNAME-MDT0000*.import | + grep -q subtree || + { skip "Fileset feature is not supported"; return; } + + local submount=${MOUNT}_$tdir + + mkdir $MOUNT/$tdir + mkdir -p $submount || error "mkdir $submount failed" + FILESET="$FILESET/.." mount_client $submount && + error "mount $submount should fail" + rmdir $submount +} +run_test 247e "mount .. as fileset" + test_250() { [ "$(facet_fstype ost$(($($GETSTRIPE -i $DIR/$tfile) + 1)))" = "zfs" ] \ && skip "no 16TB file size limit on ZFS" && return -- 1.8.3.1