2 files changed, 16 insertions, 4 deletions

diff --git a/pkg/sentry/syscalls/linux/sys_file.go b/pkg/sentry/syscalls/linux/sys_file.go
index d2d351449..50151f7b6 100644
--- a/pkg/sentry/syscalls/linux/sys_file.go
+++ b/pkg/sentry/syscalls/linux/sys_file.go
@@ -347,10 +347,9 @@ func createAt(t *kernel.Task, dirFD kdefs.FD, addr usermem.Addr, flags uint, mod
 				return syserror.ConvertIntr(err, kernel.ERESTARTSYS)
 			}
 			defer newFile.DecRef()
-		case syserror.EACCES:
-			// Permission denied while walking to the file.
-			return err
-		default:
+		case syserror.ENOENT:
+			// File does not exist. Proceed with creation.
+
 			// Do we have write permissions on the parent?
 			if err := d.Inode.CheckPermission(t, fs.PermMask{Write: true, Execute: true}); err != nil {
 				return err
@@ -365,6 +364,8 @@ func createAt(t *kernel.Task, dirFD kdefs.FD, addr usermem.Addr, flags uint, mod
 			}
 			defer newFile.DecRef()
 			targetDirent = newFile.Dirent
+		default:
+			return err
 		}
 
 		// Success.
diff --git a/test/syscalls/linux/creat.cc b/test/syscalls/linux/creat.cc
index 72a016b4c..df2cc0d5c 100644
--- a/test/syscalls/linux/creat.cc
+++ b/test/syscalls/linux/creat.cc
@@ -51,6 +51,17 @@ TEST(CreatTest, CreatTruncatesExistingFile) {
   EXPECT_EQ("", new_contents);
 }
 
+TEST(CreatTest, CreatWithNameTooLong) {
+  // Start with a unique name, and pad it to NAME_MAX + 1;
+  std::string name = NewTempRelPath();
+  int padding = (NAME_MAX + 1) - name.size();
+  name.append(padding, 'x');
+  const std::string& path = JoinPath(GetAbsoluteTestTmpdir(), name);
+
+  // Creation should return ENAMETOOLONG.
+  ASSERT_THAT(creat(path.c_str(), kMode), SyscallFailsWithErrno(ENAMETOOLONG));
+}
+
 }  // namespace
 
 }  // namespace testing