CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2024/09/15 16:46:45
Modified files:
sys/isofs/cd9660: Tag: OPENBSD_7_4 cd9660_vnops.c
sys/isofs/udf : Tag: OPENBSD_7_4 udf_vnops.c
sys/miscfs/fuse: Tag: OPENBSD_7_4 fuse_vnops.c
sys/msdosfs : Tag: OPENBSD_7_4 msdosfs_conv.c
sys/nfs : Tag: OPENBSD_7_4 nfs_vnops.c
sys/ntfs : Tag: OPENBSD_7_4 ntfs_vnops.c
sys/tmpfs : Tag: OPENBSD_7_4 tmpfs_subr.c
sys/ufs/ext2fs : Tag: OPENBSD_7_4 ext2fs_lookup.c
sys/ufs/ufs : Tag: OPENBSD_7_4 ufs_vnops.c
Log message:
Ensure that file names passed back by readdir do not include a '/'
character. The '/' char is the path separator and is not allowed in
any filename.
NFS specific report by Apple Security Engineering and Architecture (SEAR).
Input from guenther@ and millert@
from claudio@; OK beck@ miod@
msdos already transfroms for Windows long names a '/' char into '?'.
Do the same for the 8.3 case as well.
This is not ideal since now it is possible that two files in the same
directory have the same name but the msdos code already does a lot of
this and so the problem already exists.
from claudio@; OK beck@ miod@
Do a basic sanity check that dirents returned via fuse are kind of sane.
Ensure that file names passed back by readdir do not include a '/'
character. The '/' char is the path separator and is not allowed in
any filename. On top of this also check that d_reclen and d_namlen
are kind of sane and zero out the padding bytes after d_name.
from claudio@; OK beck@
this is errata/7.4/022_readdir.patch.sig
