From: Kris Van Hees <kris.van.hees@oracle.com>
To: eugene.loh@oracle.com
Cc: dtrace@lists.linux.dev, dtrace-devel@oss.oracle.com
Subject: Re: [PATCH 11/38] USDT module names may contain dots; but forbid "." and ".." names
Date: Thu, 18 Jul 2024 15:23:40 -0400 [thread overview]
Message-ID: <ZplrvGStIyiZeWYH@oracle.com> (raw)
In-Reply-To: <20240627053455.21567-12-eugene.loh@oracle.com>
On Thu, Jun 27, 2024 at 01:34:28AM -0400, eugene.loh@oracle.com wrote:
> From: Eugene Loh <eugene.loh@oracle.com>
>
> Signed-off-by: Eugene Loh <eugene.loh@oracle.com>
Reviewed-by: Kris Van Hees <kris.van.hees@oracle.com>
> ---
> dtprobed/dof_stash.c | 30 ++++++++++++++----------------
> 1 file changed, 14 insertions(+), 16 deletions(-)
>
> diff --git a/dtprobed/dof_stash.c b/dtprobed/dof_stash.c
> index 62418b66..625572d5 100644
> --- a/dtprobed/dof_stash.c
> +++ b/dtprobed/dof_stash.c
> @@ -231,6 +231,20 @@ make_probespec_name(const char *prov, const char *mod, const char *fn,
> {
> char *ret;
>
> + /*
> + * Ban "." and ".." as name components. Obviously names
> + * containing dots are commonplace (shared libraries,
> + * for instance), but allowing straight . and .. would
> + * have obviously horrible consequences. They can't be
> + * filenames anyway, and you can't create them with
> + * dtrace -h because they aren't valid C identifier names.
> + */
> + if (strcmp(prov, ".") == 0 || strcmp(prov, "..") == 0 ||
> + strcmp(mod, ".") == 0 || strcmp(mod, "..") == 0 ||
> + strcmp(fn, ".") == 0 || strcmp(fn, "..") == 0 ||
> + strcmp(prb, ".") == 0 || strcmp(prb, "..") == 0)
> + return NULL;
> +
> if (asprintf(&ret, "%s:%s:%s:%s", prov, mod, fn, prb) < 0) {
> fuse_log(FUSE_LOG_ERR, "dtprobed: out of memory making probespec\n");
> return NULL;
> @@ -589,22 +603,6 @@ dof_stash_write_parsed(pid_t pid, dev_t dev, ino_t ino, dt_list_t *accum)
> mod, fun, prb)) == NULL)
> goto err_provider;
>
> - /*
> - * Ban "." and ".." as name components. Obviously names
> - * containing dots are commonplace (shared libraries,
> - * for instance), but allowing straight . and .. would
> - * have obviously horrible consequences. They can't be
> - * filenames anyway, and you can't create them with
> - * dtrace -h because they aren't valid C identifier
> - * names.
> - */
> - op = "probe name validation";
> - probe_err = parsedfn;
> -
> - if (strcmp(parsedfn, ".") == 0 ||
> - strcmp(parsedfn, "..") == 0)
> - goto err_provider;
> -
> op = "probe module";
>
> if ((mod_dir = make_state_dirat(prov_dir, mod, op, 0)) < 0)
> --
> 2.18.4
>
next prev parent reply other threads:[~2024-07-18 19:23 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-27 5:34 eugene.loh
2024-06-27 5:34 ` [PATCH 01/38] Move comment closer to the code it describes eugene.loh
2024-06-27 5:34 ` [PATCH 02/38] Move dt_spec_buf_data_t and dt_spec_buf_t into dt_consume.c eugene.loh
2024-07-18 6:54 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 03/38] Get rid of apparently orphaned status[2] eugene.loh
2024-07-18 6:59 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 04/38] Get rid of apparently orphaned bufdesc stuff eugene.loh
2024-07-18 18:28 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 05/38] Get rid of unneeded enabling_defines.h eugene.loh
2024-07-18 18:35 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 06/38] Get rid of unused dtrace_repldesc_t eugene.loh
2024-07-18 18:34 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 07/38] Clean up prp/pprp/uprp variable names eugene.loh
2024-07-18 18:48 ` Kris Van Hees
2024-07-18 20:19 ` Eugene Loh
2024-06-27 5:34 ` [PATCH 08/38] Fix comment in dt_probe.c eugene.loh
2024-07-18 18:49 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 09/38] Fix comments that hardwire DBUF_ offsets eugene.loh
2024-07-18 19:04 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 10/38] Fix comments in dt_cg.c eugene.loh
2024-07-18 19:28 ` Kris Van Hees
2024-07-18 20:29 ` Eugene Loh
2024-06-27 5:34 ` [PATCH 11/38] USDT module names may contain dots; but forbid "." and ".." names eugene.loh
2024-07-18 19:23 ` Kris Van Hees [this message]
2024-06-27 5:34 ` [PATCH 12/38] USDT module names may contain dots; remove incorrect check eugene.loh
2024-07-18 19:24 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 13/38] Hide dtrace_actdesc_t until it is needed eugene.loh
2024-07-18 20:02 ` Kris Van Hees
2024-07-18 21:06 ` Eugene Loh
2024-07-18 21:28 ` Kris Van Hees
2024-07-18 22:36 ` Eugene Loh
2024-06-27 5:34 ` [PATCH 14/38] Remove orphaned dtrace_hdl_t component dt_maxformat eugene.loh
2024-07-18 20:03 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 15/38] Remove orphaned dtrace_hdl_t component dt_prov_usdt eugene.loh
2024-07-18 20:03 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 16/38] Move dt_probe_clause_t to be available outside of dt_probe.c eugene.loh
2024-07-18 20:19 ` Kris Van Hees
2024-06-27 5:34 ` [PATCH 17/38] Add a provider-specific probe_add_clause handle eugene.loh
2024-07-18 20:49 ` Kris Van Hees
2024-07-19 4:00 ` Eugene Loh
2024-06-27 5:34 ` [PATCH 18/38] Add a provider-specific probe_add_clause for underlying probes eugene.loh
2024-07-18 20:50 ` Kris Van Hees
2024-07-19 4:00 ` Eugene Loh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZplrvGStIyiZeWYH@oracle.com \
--to=kris.van.hees@oracle.com \
--cc=dtrace-devel@oss.oracle.com \
--cc=dtrace@lists.linux.dev \
--cc=eugene.loh@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.