diff options
author | Dean Deng <deandeng@google.com> | 2020-06-22 11:38:25 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-06-22 11:39:41 -0700 |
commit | 4573e7d863d59d59c6a4f72f396f72b0f6458cb2 (patch) | |
tree | da6c5ad68024010b681eaebdb39a7822e5ede7dd /pkg/sentry/fsimpl/gofer | |
parent | 282a6aea1b375d447fdf502c6660e92eb5e19cd4 (diff) |
Check for invalid trailing / when traversing path in gofer OpenAt.
Updates #2923.
PiperOrigin-RevId: 317700049
Diffstat (limited to 'pkg/sentry/fsimpl/gofer')
-rw-r--r-- | pkg/sentry/fsimpl/gofer/filesystem.go | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/pkg/sentry/fsimpl/gofer/filesystem.go b/pkg/sentry/fsimpl/gofer/filesystem.go index 5501781ac..f065c4bad 100644 --- a/pkg/sentry/fsimpl/gofer/filesystem.go +++ b/pkg/sentry/fsimpl/gofer/filesystem.go @@ -767,15 +767,17 @@ afterTrailingSymlink: parent.dirMu.Unlock() return fd, err } + parent.dirMu.Unlock() if err != nil { - parent.dirMu.Unlock() return nil, err } - // Open existing child or follow symlink. - parent.dirMu.Unlock() if mustCreate { return nil, syserror.EEXIST } + if !child.isDir() && rp.MustBeDir() { + return nil, syserror.ENOTDIR + } + // Open existing child or follow symlink. if child.isSymlink() && rp.ShouldFollowSymlink() { target, err := child.readlink(ctx, rp.Mount()) if err != nil { |