From nobody Mon Feb 20 21:29:47 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PLFtg4Szhz3sCRr; Mon, 20 Feb 2023 21:29:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PLFtg3qXMz3m0v; Mon, 20 Feb 2023 21:29:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1676928587; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ydC5U3nDJNllItUKNTV6rSRNaQw+tNtCfI6ylV1u1M8=; b=dQPtTQ6ZqAdw5zuubr9k+4NzofMdKsQDFoknoeiklWPNETY7ZsktMBS6kl0yU4NVkeawYe WNtSgGeX8Pm9eJHq8c5VhY7x2d+d9WypV2wCuQZcUlGrj2BG/04d1FaLuuM8xhDpMVTHNW mDW9wa4dO0FQX0gT4cN7uq+OJ08oe8VybFlstT0O42S+7fePq1lclXf7ixWvPoZcRx4bVH DwCOYB/LJkcN4FduKOYEe6Pii31oW3w3uAe7+uV3Efw7a3CGUt/VBTxMd/Vy+b8SbegVNP toLXstGwp+jzE80A4tipeQ1JQ4/nGrj5HNixKYwUbtV2hSXKZ/0WcamTqmKxQA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1676928587; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ydC5U3nDJNllItUKNTV6rSRNaQw+tNtCfI6ylV1u1M8=; b=DWlbNJq3aWCyKDyxvlZVXRTn8dS+dhqeXTYPBR4oIENutCyEsS+Px8c8oUBJdwPx49RVF7 OF8yYd63EYnWFHynUiGB5QDACWzj44LG4DZTroCUlnXfUxrLBmYRd6IO/QZEGch023usM5 GZceT3QCB2CBIxIvM2Jj6Y9AVApGhA/xt/fHwGU5EtpGgCMT4vtyKw1F59++sexE2Xs1qG yX3mFn8V29glNsLqgtj5RViy/yAawzxwqs0QsV63V8u6+3GnHLBZ698GAz1pJf+/lyMmpO KNeS4Efr5HYnTU/DKD0TDPpJGJgeGqFB6fjXSw7iMxcWNexlgrBtoFw+IsKn1A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1676928587; a=rsa-sha256; cv=none; b=QRnJVTAeUmICkGTyfkxnM6YBibiDhZrZauSv1V36AQU7lk13wlxN+l/c9akZ6nPXfqJ5gG d9HoC+HI5SCSQ89lwrwYCxCwBOtH2m247ROwnsOIaGHxcTAlskB1V9YIu/K1GxfK6y10F+ llMIUsmEj++xcK8pxVKQktQYTdZe/Cqg11FL2rUdIgUlzj0XA49JNSn8skOVRyJvt2IxUb vMj1T8YPVHYLYT9aBRPtY/cNydhCVNFnwXrcA1orvNAJd9uRZVyJzeCZQQS2G51+IoWtJe WhBLR6yfD3a46bnmZUAVxLY98btz7Emp5IvgcCIvXqAnmqvUQps4z79zNS0Mbw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PLFtg2t5Qzwch; Mon, 20 Feb 2023 21:29:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 31KLTldA095501; Mon, 20 Feb 2023 21:29:47 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 31KLTlJX095500; Mon, 20 Feb 2023 21:29:47 GMT (envelope-from git) Date: Mon, 20 Feb 2023 21:29:47 GMT Message-Id: <202302202129.31KLTlJX095500@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: =?utf-8?Q?Dag-Erling=20Sm=C3=B8rgrav?= Subject: git: d481dcee72a0 - main - tarfs: Really prevent descending into a non-directory. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: d481dcee72a05580c4c3af4a429b1c08fa846056 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=d481dcee72a05580c4c3af4a429b1c08fa846056 commit d481dcee72a05580c4c3af4a429b1c08fa846056 Author: Dag-Erling Smørgrav AuthorDate: 2023-02-20 21:28:53 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2023-02-20 21:29:19 +0000 tarfs: Really prevent descending into a non-directory. The previous fix was incorrect: we need to verify that the current node, if it exists, is not a directory, but we were checking the parent node instead. Address this, add more tests, and fix the test cleanup routines. PR: 269519, 269561 Fixes: ae6cff89738b Sponsored by: Juniper Networks, Inc. Sponsored by: Klara, Inc. Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D38645 --- sys/fs/tarfs/tarfs_vfsops.c | 17 ++++---- tests/sys/fs/tarfs/tarfs_test.sh | 87 ++++++++++++++++++++++++++++++++++------ 2 files changed, 85 insertions(+), 19 deletions(-) diff --git a/sys/fs/tarfs/tarfs_vfsops.c b/sys/fs/tarfs/tarfs_vfsops.c index b3c30e884a9d..059608ea60a5 100644 --- a/sys/fs/tarfs/tarfs_vfsops.c +++ b/sys/fs/tarfs/tarfs_vfsops.c @@ -304,8 +304,8 @@ tarfs_lookup_path(struct tarfs_mount *tmp, char *name, size_t namelen, if (tnp == NULL) panic("%s: root node not yet created", __func__); - TARFS_DPF(LOOKUP, "%s: Full path: %.*s\n", __func__, (int)namelen, - name); + TARFS_DPF(LOOKUP, "%s: full path: %.*s\n", __func__, + (int)namelen, name); sep = NULL; for (;;) { @@ -320,8 +320,10 @@ tarfs_lookup_path(struct tarfs_mount *tmp, char *name, size_t namelen, break; } - /* we're not at the end, so parent must be a directory */ - if (parent->type != VDIR) { + /* we're not at the end, so we must be in a directory */ + if (tnp != NULL && tnp->type != VDIR) { + TARFS_DPF(LOOKUP, "%s: %.*s is not a directory\n", __func__, + (int)tnp->namelen, tnp->name); error = ENOTDIR; break; } @@ -365,8 +367,9 @@ tarfs_lookup_path(struct tarfs_mount *tmp, char *name, size_t namelen, tnp = NULL; cn.cn_nameptr = name; cn.cn_namelen = len; - TARFS_DPF(LOOKUP, "%s: Search: %.*s\n", __func__, - (int)cn.cn_namelen, cn.cn_nameptr); + TARFS_DPF(LOOKUP, "%s: looking up %.*s in %.*s/\n", __func__, + (int)cn.cn_namelen, cn.cn_nameptr, + (int)parent->namelen, parent->name); if (do_lookup) { tnp = tarfs_lookup_node(parent, NULL, &cn); if (tnp == NULL) { @@ -379,7 +382,7 @@ tarfs_lookup_path(struct tarfs_mount *tmp, char *name, size_t namelen, namelen -= cn.cn_namelen; } - TARFS_DPF(LOOKUP, "%s: Parent %p, node %p\n", __func__, parent, tnp); + TARFS_DPF(LOOKUP, "%s: parent %p node %p\n", __func__, parent, tnp); if (retparent) *retparent = parent; diff --git a/tests/sys/fs/tarfs/tarfs_test.sh b/tests/sys/fs/tarfs/tarfs_test.sh index 634b6be3dd08..15319e249034 100644 --- a/tests/sys/fs/tarfs/tarfs_test.sh +++ b/tests/sys/fs/tarfs/tarfs_test.sh @@ -27,12 +27,12 @@ # mktar="$(dirname $(realpath "$0"))"/mktar -mnt="$(realpath ${TMPDIR:-/tmp})/mnt.$$" +mnt="$(realpath ${TMPDIR:-/tmp})/mnt" # expected SHA256 checksum of file contained in test tarball sum=4da2143234486307bb44eaa610375301781a577d1172f362b88bb4b1643dee62 -atf_test_case tarfs_test +atf_test_case tarfs_basic cleanup tarfs_basic_head() { atf_set "descr" "Basic function test" atf_set "require.user" "root" @@ -50,27 +50,90 @@ tarfs_basic_cleanup() { umount "${mnt}" } -atf_test_case tarfs_notdir -tarfs_notdir_head() { - atf_set "descr" "Regression test for PR 269519" +atf_test_case tarfs_notdir_device cleanup +tarfs_notdir_device_head() { + atf_set "descr" "Regression test for PR 269519 and 269561" atf_set "require.user" "root" } -tarfs_notdir_body() { +tarfs_notdir_device_body() { + mkdir "${mnt}" + atf_check mknod d b 0xdead 0xbeef + tar cf tarfs_notdir.tar d + rm d + mkdir d + echo "boom" >d/f + tar rf tarfs_notdir.tar d/f + atf_check -s not-exit:0 -e match:"Invalid" \ + mount -rt tarfs tarfs_notdir.tar "${mnt}" +} +tarfs_notdir_device_cleanup() { + umount "${mnt}" || true +} + +atf_test_case tarfs_notdir_dot cleanup +tarfs_notdir_dot_head() { + atf_set "descr" "Regression test for PR 269519 and 269561" + atf_set "require.user" "root" +} +tarfs_notdir_dot_body() { mkdir "${mnt}" echo "hello" >d tar cf tarfs_notdir.tar d rm d - mkdir -p d/s - echo "world" >d/s/f - tar rf tarfs_notdir.tar d/s/f + mkdir d + echo "world" >d/f + tar rf tarfs_notdir.tar d/./f atf_check -s not-exit:0 -e match:"Invalid" \ mount -rt tarfs tarfs_notdir.tar "${mnt}" } -tarfs_notdir_cleanup() { - umount "${mnt}" +tarfs_notdir_dot_cleanup() { + umount "${mnt}" || true +} + +atf_test_case tarfs_notdir_dotdot cleanup +tarfs_notdir_dotdot_head() { + atf_set "descr" "Regression test for PR 269519 and 269561" + atf_set "require.user" "root" +} +tarfs_notdir_dotdot_body() { + mkdir "${mnt}" + echo "hello" >d + tar cf tarfs_notdir.tar d + rm d + mkdir d + echo "world" >f + tar rf tarfs_notdir.tar d/../f + atf_check -s not-exit:0 -e match:"Invalid" \ + mount -rt tarfs tarfs_notdir.tar "${mnt}" +} +tarfs_notdir_dotdot_cleanup() { + umount "${mnt}" || true +} + +atf_test_case tarfs_notdir_file cleanup +tarfs_notdir_file_head() { + atf_set "descr" "Regression test for PR 269519 and 269561" + atf_set "require.user" "root" +} +tarfs_notdir_file_body() { + mkdir "${mnt}" + echo "hello" >d + tar cf tarfs_notdir.tar d + rm d + mkdir d + echo "world" >d/f + tar rf tarfs_notdir.tar d/f + atf_check -s not-exit:0 -e match:"Invalid" \ + mount -rt tarfs tarfs_notdir.tar "${mnt}" +} +tarfs_notdir_file_cleanup() { + umount "${mnt}" || true } atf_init_test_cases() { atf_add_test_case tarfs_basic - atf_add_test_case tarfs_notdir + atf_add_test_case tarfs_notdir_device + atf_add_test_case tarfs_notdir_dot + atf_add_test_case tarfs_notdir_dotdot + atf_add_test_case tarfs_notdir_file }