author | Nicolas Lacasse <nlacasse@google.com> | 2019-07-08 14:56:09 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2019-07-08 14:57:15 -0700 |
commit | 6db3f8d54c0225e6b6c3d8eef30b4b61498848b7 (patch) | |
tree | ee85d7855e9cd6dde7ee8de443a04e5c0f317ae8 /pkg/sentry/syscalls | |
parent | e45d724948cf03a7aca871971e75f2cfe1a3bc1f (diff) |
Don't mask errors in createAt loop.
The error set in the loop in createAt was being masked
by other errors declared with ":=". This allowed an
ErrResolveViaReadlink error to escape, which can cause
a sentry panic.
Added test case which repros without the fix.
PiperOrigin-RevId: 257061767
Diffstat (limited to 'pkg/sentry/syscalls')
-rw-r--r-- | pkg/sentry/syscalls/linux/sys_file.go | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/pkg/sentry/syscalls/linux/sys_file.go b/pkg/sentry/syscalls/linux/sys_file.go
index eb6f5648f..40722abc2 100644
--- a/pkg/sentry/syscalls/linux/sys_file.go
+++ b/pkg/sentry/syscalls/linux/sys_file.go
@@ -353,7 +353,8 @@ func createAt(t *kernel.Task, dirFD int32, addr usermem.Addr, flags uint, mode l
 // No more resolution necessary.
 defer resolved.DecRef()
 break
- } else if err != fs.ErrResolveViaReadlink {
+ }
+ if err != fs.ErrResolveViaReadlink {
 return err
 }
@@ -363,15 +364,17 @@ func createAt(t *kernel.Task, dirFD int32, addr usermem.Addr, flags uint, mode l
 }
 // Resolve the symlink to a path via Readlink.
- path, err := found.Inode.Readlink(t)
+ var path string
+ path, err = found.Inode.Readlink(t)
 if err != nil {
 break
 }
 remainingTraversals--
 // Get the new parent from the target path.
+ var newParent *fs.Dirent
 newParentPath, newName := fs.SplitLast(path)
- newParent, err := t.MountNamespace().FindInode(t, root, parent, newParentPath, &remainingTraversals)
+ newParent, err = t.MountNamespace().FindInode(t, root, parent, newParentPath, &remainingTraversals)
 if err != nil {
 break
 }
 |
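Review bot: In the first hunk, execution continues past the new `if err != fs.ErrResolveViaReadlink { return err }` with `err` still holding the internal sentinel, and nothing on these lines says that this is intended or where it gets replaced. The commit message names this sentinel escaping as the cause of a sentry panic, so the invariant deserves a comment at the fall-through, for example `// err == fs.ErrResolveViaReadlink here; every path below must return directly or overwrite err before leaving the loop.` The loop body continues outside the hunk, so whether every later exit honours that cannot be confirmed from here.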
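Review bot: In the second hunk, the `var path string` and `var newParent *fs.Dirent` declarations followed by plain `=` are the only thing keeping `err` bound to the function-scope variable, and the code does not say so. A later edit that turns either assignment back into `:=` would still compile and would silently reintroduce the masking. A comment above `var path string` would make the constraint visible, for example `// Use "=" so the outer err is updated; ":=" would shadow it and leave the stale value for the code after the loop.` It may also be worth running a shadow analyzer over this package so the regression is caught mechanically. createAt and its loop start and end outside the hunk, so how the code after the loop handles `err` is not visible here.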