Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

coredump: don't allow ".." in coredump socket path 

There's no point in allowing to walk upwards for the coredump socket.
We already force userspace to give use a sane path, no symlinks, no
magiclinks, and also block "..". Use an absolute path without any
shenanigans.

Link: https://lore.kernel.org/20250612-work-coredump-massage-v1-6-315c0c34ba94@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
This commit is contained in:
Christian Brauner 2025-06-12 15:25:20 +02:00
parent 0da3e3822c
commit edfe3bdbbb
No known key found for this signature in database
GPG Key ID: 91C61BC06578DCA2
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
fs/coredump.c
View File

@ -1418,6 +1418,10 @@ static inline bool check_coredump_socket(void)
if (strlen(p) >= UNIX_PATH_MAX)
return false;
/* Must not contain ".." in the path. */
if (name_contains_dotdot(core_pattern))
return false;
return true;
}