diff options
author | Kevin Krakauer <krakauer@google.com> | 2019-11-14 15:55:07 -0800 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2019-11-14 16:08:34 -0800 |
commit | 339536de5eefe782813aabae4aeeb312b3c4dde7 (patch) | |
tree | 65a862e9b16cc15d7edd249444c2c355a2bb16db /pkg/sentry/syscalls | |
parent | 1e1f5ce08210af6211bcb1c8da293a63a79165fe (diff) |
Check that a file is a regular file with open(O_TRUNC).
It was possible to panic the sentry by opening a cache revalidating folder with
O_TRUNC|O_CREAT.
Avoids breaking php tests.
PiperOrigin-RevId: 280533213
Diffstat (limited to 'pkg/sentry/syscalls')
-rw-r--r-- | pkg/sentry/syscalls/linux/sys_file.go | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/pkg/sentry/syscalls/linux/sys_file.go b/pkg/sentry/syscalls/linux/sys_file.go index b9a8e3e21..167c2b60b 100644 --- a/pkg/sentry/syscalls/linux/sys_file.go +++ b/pkg/sentry/syscalls/linux/sys_file.go @@ -169,10 +169,11 @@ func openAt(t *kernel.Task, dirFD int32, addr usermem.Addr, flags uint) (fd uint if dirPath { return syserror.ENOTDIR } - if flags&linux.O_TRUNC != 0 { - if err := d.Inode.Truncate(t, d, 0); err != nil { - return err - } + } + + if flags&linux.O_TRUNC != 0 { + if err := d.Inode.Truncate(t, d, 0); err != nil { + return err } } |