Do not allow to use O_BENEATH as an oracle.

Specifically, if lookup() returned any error and the topping directory
was not latched, which means that (non-existent) path did not returned
to the topping location, give ENOTCAPABLE a priority over the lookup()
error.

PR:	249960
Reviewed by:	emaste, ngie
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D26695
This commit is contained in:
Konstantin Belousov 2020-10-08 22:31:11 +00:00
parent 9470013f5a
commit 4ea4966009

View File

@ -595,8 +595,17 @@ namei(struct nameidata *ndp)
for (;;) {
ndp->ni_startdir = dp;
error = lookup(ndp);
if (error != 0)
if (error != 0) {
/*
* Override an error to not allow user to use
* BENEATH as an oracle.
*/
if ((ndp->ni_lcf & (NI_LCF_LATCH |
NI_LCF_BENEATH_LATCHED)) == NI_LCF_LATCH)
error = ENOTCAPABLE;
goto out;
}
/*
* If not a symbolic link, we're done.
*/