Submitted by: Mike Pritchard <pritc003@maroon.tc.umn.edu>
msdosfs_lookup() did no validation to see if the caller was validated to delete/rename/create files. msdosfs_setattr() did no validation to see if the caller was allowed to change the file permissions (turn on/off the write bit) or update the file modification time (utimes). The routines were fixed to validate the calls just like ufs does.
This commit is contained in:
Bruce Evans
parent
1f2c9ce35f
commit
d8762fa6a0
@ -1,4 +1,4 @@
|
||||
/* $Id: msdosfs_lookup.c,v 1.1 1994/09/19 15:41:44 dfr Exp $ */
|
||||
/* $Id: msdosfs_lookup.c,v 1.2 1994/09/27 20:42:51 phk Exp $ */
|
||||
/* $NetBSD: msdosfs_lookup.c,v 1.14 1994/08/21 18:44:07 ws Exp $ */
|
||||
|
||||
/*-
|
||||
@ -109,6 +109,7 @@ msdosfs_lookup(ap)
|
||||
struct msdosfsmount *pmp;
|
||||
struct buf *bp = 0;
|
||||
struct direntry *dep = NULL;
|
||||
struct ucred *cred = cnp->cn_cred;
|
||||
u_char dosfilename[12];
|
||||
int flags = cnp->cn_flags;
|
||||
int nameiop = cnp->cn_nameiop;
|
||||
@ -318,6 +319,9 @@ notfound:;
|
||||
#endif
|
||||
if ((nameiop == CREATE || nameiop == RENAME) &&
|
||||
(flags & ISLASTCN) && dp->de_refcnt != 0) {
|
||||
error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_proc);
|
||||
if (error)
|
||||
return error;
|
||||
if (slotstatus == NONE) {
|
||||
dp->de_fndoffset = (u_long)-1;
|
||||
dp->de_fndclust = (u_long)-1;
|
||||
@ -363,6 +367,12 @@ foundroot:;
|
||||
* deget() the directory entry.
|
||||
*/
|
||||
if (nameiop == DELETE && (flags & ISLASTCN)) {
|
||||
error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_proc);
|
||||
if (error) {
|
||||
if (bp)
|
||||
brelse(bp);
|
||||
return error;
|
||||
}
|
||||
if (dp->de_StartCluster == scn && isadir) { /* "." */
|
||||
VREF(vdp);
|
||||
*vpp = vdp;
|
||||
@ -388,6 +398,12 @@ foundroot:;
|
||||
* If renaming.
|
||||
*/
|
||||
if (nameiop == RENAME && wantparent && (flags & ISLASTCN)) {
|
||||
error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_proc);
|
||||
if (error) {
|
||||
if (bp)
|
||||
brelse(bp);
|
||||
return error;
|
||||
}
|
||||
if (dp->de_StartCluster == scn && isadir) {
|
||||
if (bp)
|
||||
brelse(bp);
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $Id: msdosfs_vnops.c,v 1.13 1995/03/19 14:28:57 davidg Exp $ */
|
||||
/* $Id: msdosfs_vnops.c,v 1.14 1995/04/11 18:32:17 ache Exp $ */
|
||||
/* $NetBSD: msdosfs_vnops.c,v 1.20 1994/08/21 18:44:13 ws Exp $ */
|
||||
|
||||
/*-
|
||||
@ -394,6 +394,11 @@ msdosfs_setattr(ap)
|
||||
return error;
|
||||
}
|
||||
if (vap->va_mtime.ts_sec != VNOVAL) {
|
||||
if (cred->cr_uid != dep->de_pmp->pm_uid &&
|
||||
(error = suser(cred, &ap->a_p->p_acflag)) &&
|
||||
((vap->va_vaflags & VA_UTIMES_NULL) == 0 ||
|
||||
(error = VOP_ACCESS(ap->a_vp, VWRITE, cred, &ap->a_p))))
|
||||
return error;
|
||||
dep->de_flag |= DE_UPDATE;
|
||||
error = deupdat(dep, &vap->va_mtime, 1);
|
||||
if (error)
|
||||
@ -406,6 +411,10 @@ msdosfs_setattr(ap)
|
||||
* attribute.
|
||||
*/
|
||||
if (vap->va_mode != (u_short) VNOVAL) {
|
||||
if (cred->cr_uid != dep->de_pmp->pm_uid &&
|
||||
(error = suser(cred, &ap->a_p->p_acflag)))
|
||||
return error;
|
||||
|
||||
/* We ignore the read and execute bits */
|
||||
if (vap->va_mode & VWRITE)
|
||||
dep->de_Attributes &= ~ATTR_READONLY;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $Id: msdosfs_lookup.c,v 1.1 1994/09/19 15:41:44 dfr Exp $ */
|
||||
/* $Id: msdosfs_lookup.c,v 1.2 1994/09/27 20:42:51 phk Exp $ */
|
||||
/* $NetBSD: msdosfs_lookup.c,v 1.14 1994/08/21 18:44:07 ws Exp $ */
|
||||
|
||||
/*-
|
||||
@ -109,6 +109,7 @@ msdosfs_lookup(ap)
|
||||
struct msdosfsmount *pmp;
|
||||
struct buf *bp = 0;
|
||||
struct direntry *dep = NULL;
|
||||
struct ucred *cred = cnp->cn_cred;
|
||||
u_char dosfilename[12];
|
||||
int flags = cnp->cn_flags;
|
||||
int nameiop = cnp->cn_nameiop;
|
||||
@ -318,6 +319,9 @@ notfound:;
|
||||
#endif
|
||||
if ((nameiop == CREATE || nameiop == RENAME) &&
|
||||
(flags & ISLASTCN) && dp->de_refcnt != 0) {
|
||||
error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_proc);
|
||||
if (error)
|
||||
return error;
|
||||
if (slotstatus == NONE) {
|
||||
dp->de_fndoffset = (u_long)-1;
|
||||
dp->de_fndclust = (u_long)-1;
|
||||
@ -363,6 +367,12 @@ foundroot:;
|
||||
* deget() the directory entry.
|
||||
*/
|
||||
if (nameiop == DELETE && (flags & ISLASTCN)) {
|
||||
error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_proc);
|
||||
if (error) {
|
||||
if (bp)
|
||||
brelse(bp);
|
||||
return error;
|
||||
}
|
||||
if (dp->de_StartCluster == scn && isadir) { /* "." */
|
||||
VREF(vdp);
|
||||
*vpp = vdp;
|
||||
@ -388,6 +398,12 @@ foundroot:;
|
||||
* If renaming.
|
||||
*/
|
||||
if (nameiop == RENAME && wantparent && (flags & ISLASTCN)) {
|
||||
error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_proc);
|
||||
if (error) {
|
||||
if (bp)
|
||||
brelse(bp);
|
||||
return error;
|
||||
}
|
||||
if (dp->de_StartCluster == scn && isadir) {
|
||||
if (bp)
|
||||
brelse(bp);
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $Id: msdosfs_vnops.c,v 1.13 1995/03/19 14:28:57 davidg Exp $ */
|
||||
/* $Id: msdosfs_vnops.c,v 1.14 1995/04/11 18:32:17 ache Exp $ */
|
||||
/* $NetBSD: msdosfs_vnops.c,v 1.20 1994/08/21 18:44:13 ws Exp $ */
|
||||
|
||||
/*-
|
||||
@ -394,6 +394,11 @@ msdosfs_setattr(ap)
|
||||
return error;
|
||||
}
|
||||
if (vap->va_mtime.ts_sec != VNOVAL) {
|
||||
if (cred->cr_uid != dep->de_pmp->pm_uid &&
|
||||
(error = suser(cred, &ap->a_p->p_acflag)) &&
|
||||
((vap->va_vaflags & VA_UTIMES_NULL) == 0 ||
|
||||
(error = VOP_ACCESS(ap->a_vp, VWRITE, cred, &ap->a_p))))
|
||||
return error;
|
||||
dep->de_flag |= DE_UPDATE;
|
||||
error = deupdat(dep, &vap->va_mtime, 1);
|
||||
if (error)
|
||||
@ -406,6 +411,10 @@ msdosfs_setattr(ap)
|
||||
* attribute.
|
||||
*/
|
||||
if (vap->va_mode != (u_short) VNOVAL) {
|
||||
if (cred->cr_uid != dep->de_pmp->pm_uid &&
|
||||
(error = suser(cred, &ap->a_p->p_acflag)))
|
||||
return error;
|
||||
|
||||
/* We ignore the read and execute bits */
|
||||
if (vap->va_mode & VWRITE)
|
||||
dep->de_Attributes &= ~ATTR_READONLY;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user