TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ceph: validate snapdirname option length when mounting

Browse Source 
commit 12eb22a5a6 upstream.

It becomes a path component, so it shouldn't exceed NAME_MAX
characters.  This was hardened in commit c152737be2 ("ceph: Use
strscpy() instead of strcpy() in __get_snap_name()"), but no actual
check was put in place.

Cc: stable@vger.kernel.org
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Ilya Dryomov
2024-11-20 16:43:51 +01:00
committed by Greg Kroah-Hartman
parent 7094f3b6df
commit f006f6eaea
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
fs/ceph/super.c
+2
View File
@@ -427,6 +427,8 @@ static int ceph_parse_mount_param(struct fs_context *fc,
switch (token) {
case Opt_snapdirname:
if (strlen(param->string) > NAME_MAX)
return invalfc(fc, "snapdirname too long");
kfree(fsopt->snapdir_name);
fsopt->snapdir_name = param->string;
param->string = NULL;