LU-18112 mdt: check for fid from a client to match format

Access to /mnt/lustre/.lustre/fid/0x200000 passes sane checks

Change-Id: I748e519b56cce6809285bbe178e89f5872a46188
HPE-bug-id: LUS-12448
Signed-off-by: Andriy Skulysh <andriy.skulysh@hpe.com>
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/55947
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Alexander Zarochentsev <alexander.zarochentsev@hpe.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

diff --git a/lustre/mdd/mdd_device.c b/lustre/mdd/mdd_device.c
index 9068a17..9e9434d 100644 (file)
--- a/lustre/mdd/mdd_device.c
+++ b/lustre/mdd/mdd_device.c
@@ -864,7 +864,9 @@ static int obf_lookup(const struct lu_env *env, struct md_object *p,
        while (*name == '[')
                name++;
 
-       sscanf(name, SFID, RFID(f));
+        if (sscanf(name, SFID, RFID(f)) != 3)
+               GOTO(out, rc = -ENOENT);
+
        if (!fid_is_sane(f))
                GOTO(out, rc = -ENOENT);