RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-26 09:07:35 +00:00
Code Issues Activity Actions

Kernel: Don't allow userspace to sys$open() literal symlinks

Browse source 
The O_NOFOLLOW_NOERROR is an internal kernel mechanism used for the
implementation of sys$readlink() and sys$lstat().

There is no reason to allow userspace to open symlinks directly.
This commit is contained in:
Andreas Kling 2020-01-15 21:19:26 +01:00
parent e23536d682
commit d79de38bd2
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Kernel/Process.cpp
View file

@ -1863,6 +1863,9 @@ int Process::sys$open(const Syscall::SC_open_params* user_params)
auto options = params.options; auto options = params.options;
auto mode = params.mode; auto mode = params.mode;
if (options & O_NOFOLLOW_NOERROR)
return -EINVAL;
if ((options & O_RDWR) || (options & O_WRONLY)) if ((options & O_RDWR) || (options & O_WRONLY))
REQUIRE_PROMISE(wpath); REQUIRE_PROMISE(wpath);
else else
@ -1905,6 +1908,9 @@ int Process::sys$openat(const Syscall::SC_openat_params* user_params)
int options = params.options; int options = params.options;
u16 mode = params.mode; u16 mode = params.mode;
if (options & O_NOFOLLOW_NOERROR)
return -EINVAL;
if ((options & O_RDWR) || (options & O_WRONLY)) if ((options & O_RDWR) || (options & O_WRONLY))
REQUIRE_PROMISE(wpath); REQUIRE_PROMISE(wpath);
else else