Re: [PATCH] 9pfs: fix deep path truncation in V9fsPath

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Christian Schoenebeck <qemu_oss@crudebyte.com>
To: qemu-devel@nongnu.org
Cc: qemu-devel@nongnu.org, Greg Kurz <groug@kaod.org>,
	qemu-stable@nongnu.org,  Jia Jia <physicalmtea@gmail.com>
Subject: Re: [PATCH] 9pfs: fix deep path truncation in V9fsPath
Date: Mon, 04 May 2026 12:30:28 +0200	[thread overview]
Message-ID: <3415602.44csPzL39Z@weasel> (raw)
In-Reply-To: <20260430125241.3212990-1-physicalmtea@gmail.com>

On Thursday, 30 April 2026 14:52:41 CEST Jia Jia wrote:
[...]
> If I understood your suggestion correctly, the short-term mitigation would
> be roughly:
> 
>   - make v9fs_path_sprintf() fail on both g_vasprintf() failure and overlong
> results;
>   - propagate that error through callers such as local_name_to_path();
>   - make v9fs_fix_path() return an error as well;
>   - and if a live fid path cannot be rebuilt during rename/fixup, clunk or
>     otherwise invalidate that fid immediately instead of leaving it
> reachable with invalid path state.

Yes, that's roughly what I had in mind as short-term mitigation. Additionally 
I would suggest calling error_report_once() somewhere, as it would be an 
unusual incident that should be logged.

> So this is not just a local check in v9fs_path_sprintf(), but also error
> propagation plus fid invalidation on fixup failure.

Right, unfortunately I don't see an easier way to address this. E.g. one might 
think to just add a max. path length check when creating a new file/dir, which 
would fix the reported vector, but then it could still be triggered by moving 
a dir into a subdir, and the moved dir could have a deep directory structure, 
so one simple path length check would not be sufficient.

/Christian

     prev parent reply	other threads:[~2026-05-04 10:31 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-28  7:46 [PATCH] 9pfs: fix deep path truncation in V9fsPath Jia Jia
2026-04-28  8:21 ` Please ignore my " Jia Jia
2026-04-30  8:57 ` Christian Schoenebeck
2026-04-30 12:52   ` Jia Jia
2026-05-04 10:30     ` Christian Schoenebeck [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3415602.44csPzL39Z@weasel \
    --to=qemu_oss@crudebyte.com \
    --cc=groug@kaod.org \
    --cc=physicalmtea@gmail.com \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu-stable@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.