git: 6ff3e8a3165e - main - cache: add a comment about a realpath bug
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 19 Mar 2022 15:11:46 UTC
The branch main has been updated by mjg: URL: https://cgit.FreeBSD.org/src/commit/?id=6ff3e8a3165ea580c184cfad8ebd7cffc17b0271 commit 6ff3e8a3165ea580c184cfad8ebd7cffc17b0271 Author: Mateusz Guzik <mjg@FreeBSD.org> AuthorDate: 2022-03-19 15:11:25 +0000 Commit: Mateusz Guzik <mjg@FreeBSD.org> CommitDate: 2022-03-19 15:11:25 +0000 cache: add a comment about a realpath bug --- sys/kern/vfs_cache.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index 13c84791583e..147d3075dfac 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -3119,6 +3119,17 @@ vn_getcwd(char *buf, char **retbuf, size_t *buflen) return (error); } +/* + * Canonicalize a path by walking it forward and back. + * + * BUGS: + * - Nothing guarantees the integrity of the entire chain. Consider the case + * where the path "foo/bar/baz/qux" is passed, but "bar" is moved out of + * "foo" into "quux" during the backwards walk. The result will be + * "quux/bar/baz/qux", which could not have been obtained by an incremental + * walk in userspace. Moreover, the path we return is inaccessible if the + * calling thread lacks permission to traverse "quux". + */ static int kern___realpathat(struct thread *td, int fd, const char *path, char *buf, size_t size, int flags, enum uio_seg pathseg)