[PATCH] Add name checks in dmsetup

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] Add name checks in dmsetup
@ 2009-01-06 22:19 Peter Rajnoha
  2009-01-07  1:49 ` Alasdair G Kergon
  0 siblings, 1 reply; 2+ messages in thread
From: Peter Rajnoha @ 2009-01-06 22:19 UTC (permalink / raw)
  To: dm-devel; +Cc: agk

Checks added for DM device names to allow only names < DM_NAME_LEN, otherwise a part of
lengthy name would be silently ignored and could cause confusion while using dmsetup.
Also, the name should not contain '/' character, if it is used in context of creating
a new device or renaming the existing one (because we do not consider full path to devices,
they do not exist in filesystem yet) and appropriate error messages are shown.


diff --git a/libdm/ioctl/libdm-iface.c b/libdm/ioctl/libdm-iface.c
index 05b6894..1dce40e 100644
--- a/libdm/ioctl/libdm-iface.c
+++ b/libdm/ioctl/libdm-iface.c
@@ -1018,6 +1018,16 @@ int dm_task_suppress_identical_reload(struct dm_task *dmt)

  int dm_task_set_newname(struct dm_task *dmt, const char *newname)
  {
+	if (strchr(newname, '/')) {
+		log_error("Name \"%s\" invalid, contains \"/\"", newname);
+		return 0;
+	}
+
+	if (strlen(newname) >= DM_NAME_LEN) {
+		log_error("Name \"%s\" too long", newname);
+		return 0;
+	}
+
  	if (!(dmt->newname = dm_strdup(newname))) {
  		log_error("dm_task_set_newname: strdup(%s) failed", newname);
  		return 0;
diff --git a/libdm/libdm-common.c b/libdm/libdm-common.c
index 26fc043..deff03f 100644
--- a/libdm/libdm-common.c
+++ b/libdm/libdm-common.c
@@ -143,18 +143,27 @@ int dm_task_set_name(struct dm_task *dmt, const char *name)
  	 * as its last component.
  	 */
  	if ((pos = strrchr(name, '/'))) {
+		if (dmt->type == DM_DEVICE_CREATE) {
+			log_error("Name \"%s\" invalid, contains \"/\"", name);
+			return 0;
+		}
+
  		snprintf(path, sizeof(path), "%s/%s", _dm_dir, pos + 1);

  		if (stat(name, &st1) || stat(path, &st2) ||
  		    !(st1.st_dev == st2.st_dev)) {
-			log_error("dm_task_set_name: Device %s not found",
-				  name);
+			log_error("Device %s not found", name);
  			return 0;
  		}

  		name = pos + 1;
  	}

+	if (strlen(name) >= DM_NAME_LEN) {
+		log_error("Name \"%s\" too long", name);
+		return 0;
+	}
+
  	if (!(dmt->dev_name = dm_strdup(name))) {
  		log_error("dm_task_set_name: strdup(%s) failed", name);
  		return 0;

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] Add name checks in dmsetup
  2009-01-06 22:19 [PATCH] Add name checks in dmsetup Peter Rajnoha
@ 2009-01-07  1:49 ` Alasdair G Kergon
  0 siblings, 0 replies; 2+ messages in thread
From: Alasdair G Kergon @ 2009-01-07  1:49 UTC (permalink / raw)
  To: dm-devel

On Tue, Jan 06, 2009 at 11:19:12PM +0100, Peter Rajnoha wrote:
> Checks added for DM device names to allow only names < DM_NAME_LEN, 
> otherwise a part of
> lengthy name would be silently ignored and could cause confusion while 
> using dmsetup.
> Also, the name should not contain '/' character, if it is used in context 
> of creating
> a new device or renaming the existing one (because we do not consider full 
> path to devices,
> they do not exist in filesystem yet) and appropriate error messages are 
> shown.
 
Reviewed-by: Alasdair G Kergon <agk@redhat.com>

Alasdair
-- 
agk@redhat.com

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2009-01-07  1:49 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-01-06 22:19 [PATCH] Add name checks in dmsetup Peter Rajnoha
2009-01-07  1:49 ` Alasdair G Kergon

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.