diff options
author | Nicolas Lacasse <nlacasse@google.com> | 2018-11-16 12:39:14 -0800 |
---|---|---|
committer | Nicolas Lacasse <nlacasse@google.com> | 2018-11-20 14:02:39 -0800 |
commit | 8c84f9a3c1a82e633e3f87801921d86985d25a46 (patch) | |
tree | 565a6d85ea259553a4dfb042d0236998c18bf24a /pkg | |
parent | bb9a2bb62ed37f9b29c7ab4418b8b90417d1b2a2 (diff) |
Parse the tmpfs mode before validating.
This gets rid of the problematic modeRegex.
PiperOrigin-RevId: 221835959
Change-Id: I566b8d8a43579a4c30c0a08a620a964bbcd826dd
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/sentry/fs/tmpfs/fs.go | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/pkg/sentry/fs/tmpfs/fs.go b/pkg/sentry/fs/tmpfs/fs.go index 2e57f2b42..3ac0c4dd4 100644 --- a/pkg/sentry/fs/tmpfs/fs.go +++ b/pkg/sentry/fs/tmpfs/fs.go @@ -16,7 +16,6 @@ package tmpfs import ( "fmt" - "regexp" "strconv" "gvisor.googlesource.com/gvisor/pkg/abi/linux" @@ -39,13 +38,13 @@ const ( // TODO: support a tmpfs size limit. // size = "size" - // default permissions are read/write/execute. + // Permissions that exceed modeMask will be rejected. + modeMask = 01777 + + // Default permissions are read/write/execute. defaultMode = 0777 ) -// modeRegexp is the expected format of the mode option. -var modeRegexp = regexp.MustCompile("^[0-1]?[0-7][0-7][0-7]$") - // Filesystem is a tmpfs. // // +stateify savable @@ -91,15 +90,13 @@ func (f *Filesystem) Mount(ctx context.Context, device string, flags fs.MountSou // Parse the root directory permissions. perms := fs.FilePermsFromMode(defaultMode) if m, ok := options[modeKey]; ok { - if !modeRegexp.MatchString(m) { - return nil, fmt.Errorf("unsupported mode value: 'mode=%s'", m) - } - // It's basically impossible that we error out at this point, - // maybe we should panic. i, err := strconv.ParseUint(m, 8, 32) if err != nil { return nil, fmt.Errorf("mode value not parsable 'mode=%s': %v", m, err) } + if i&^modeMask != 0 { + return nil, fmt.Errorf("invalid mode %q: must be less than %o", m, modeMask) + } perms = fs.FilePermsFromMode(linux.FileMode(i)) delete(options, modeKey) } |