RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-06-30 22:42:11 +00:00
Code Issues Activity Actions

Kernel/VFS: Add FIXMEs about error codes leaking data from veiled paths

Browse source 
Error codes can leak information about veiled paths, if the path
resolution fails with e.g. EACCESS.

This is non-trivial to fix, as there is a group of error codes we want
to propagate to the caller, such as ENOMEM.
This commit is contained in:
Max Wipfli 2022-02-13 17:31:33 +01:00 committed by Idan Horowitz
parent f3cf1b33d7
commit b0df096298
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Kernel/FileSystem/VirtualFileSystem.cpp
View file

@ -363,6 +363,8 @@ ErrorOr<void> VirtualFileSystem::mkdir(StringView path, mode_t mode, Custody& ba
}
RefPtr<Custody> parent_custody;
// FIXME: The errors returned by resolve_path_without_veil can leak information about paths that are not unveiled,
// e.g. when the error is EACCESS or similar.
auto result = resolve_path_without_veil(path, base, &parent_custody);
if (!result.is_error())
return EEXIST;
@ -828,6 +830,8 @@ ErrorOr<void> VirtualFileSystem::validate_path_against_process_veil(StringView p
ErrorOr<NonnullRefPtr<Custody>> VirtualFileSystem::resolve_path(StringView path, Custody& base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level)
{
// FIXME: The errors returned by resolve_path_without_veil can leak information about paths that are not unveiled,
// e.g. when the error is EACCESS or similar.
auto custody = TRY(resolve_path_without_veil(path, base, out_parent, options, symlink_recursion_level));
if (auto result = validate_path_against_process_veil(*custody, options); result.is_error()) {
if (out_parent)