summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--pkg/sentry/fs/dentry.go3
-rw-r--r--pkg/sentry/fs/ramfs/dir.go13
2 files changed, 14 insertions, 2 deletions
diff --git a/pkg/sentry/fs/dentry.go b/pkg/sentry/fs/dentry.go
index ef6d1a870..4879df4d6 100644
--- a/pkg/sentry/fs/dentry.go
+++ b/pkg/sentry/fs/dentry.go
@@ -185,7 +185,8 @@ func NewSortedDentryMap(entries map[string]DentAttr) *SortedDentryMap {
return s
}
-// GetAll returns all names and entries in s.
+// GetAll returns all names and entries in s. Callers should not modify the
+// returned values.
func (s *SortedDentryMap) GetAll() ([]string, map[string]DentAttr) {
return s.names, s.entries
}
diff --git a/pkg/sentry/fs/ramfs/dir.go b/pkg/sentry/fs/ramfs/dir.go
index 696825eb5..4da876ebd 100644
--- a/pkg/sentry/fs/ramfs/dir.go
+++ b/pkg/sentry/fs/ramfs/dir.go
@@ -148,7 +148,18 @@ func (d *Dir) FindChild(name string) (*fs.Inode, bool) {
func (d *Dir) Children() ([]string, map[string]fs.DentAttr) {
d.mu.Lock()
defer d.mu.Unlock()
- return d.dentryMap.GetAll()
+
+ // Return a copy to prevent callers from modifying our children.
+ names, entries := d.dentryMap.GetAll()
+ namesCopy := make([]string, len(names))
+ copy(namesCopy, names)
+
+ entriesCopy := make(map[string]fs.DentAttr)
+ for k, v := range entries {
+ entriesCopy[k] = v
+ }
+
+ return namesCopy, entriesCopy
}
// removeChildLocked attempts to remove an entry from this directory.
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-05 08:38:04 +0000