From 5441fb4196a94d238377c427f400fe5e28ae5d46 Mon Sep 17 00:00:00 2001 From: Amar Tumballi Date: Thu, 1 Nov 2018 07:02:11 +0530 Subject: server: don't allow '/' in basename Server stack needs to have all the sort of validation, assuming clients can be compromized. It is possible for a compromized client to send basenames with paths with '/', and with that create files without permission on server. By sanitizing the basename, and not allowing anything other than actual directory as the parent for any entry creation, we can mitigate the effects of clients not able to exploit the server. Fixes: CVE-2018-14651 Fixes: bz#1644755 Change-Id: I5dc0da0da2713452ff2b65ac2ddbccf1a267dc20 Signed-off-by: Amar Tumballi --- xlators/storage/posix/src/posix-handle.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'xlators/storage') diff --git a/xlators/storage/posix/src/posix-handle.h b/xlators/storage/posix/src/posix-handle.h index 7c79b569128..c4d7cb14503 100644 --- a/xlators/storage/posix/src/posix-handle.h +++ b/xlators/storage/posix/src/posix-handle.h @@ -150,9 +150,9 @@ break; \ } \ \ - if (strstr(loc->name, "../")) { \ + if (strchr(loc->name, '/')) { \ gf_msg(this->name, GF_LOG_ERROR, 0, P_MSG_ENTRY_HANDLE_CREATE, \ - "'../' in name not allowed: (%s)", loc->name); \ + "'/' in name not allowed: (%s)", loc->name); \ op_ret = -1; \ break; \ } \ -- cgit