From 8c84f9a3c1a82e633e3f87801921d86985d25a46 Mon Sep 17 00:00:00 2001 From: Nicolas Lacasse Date: Fri, 16 Nov 2018 12:39:14 -0800 Subject: Parse the tmpfs mode before validating. This gets rid of the problematic modeRegex. PiperOrigin-RevId: 221835959 Change-Id: I566b8d8a43579a4c30c0a08a620a964bbcd826dd --- pkg/sentry/fs/tmpfs/fs.go | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) (limited to 'pkg/sentry/fs/tmpfs') diff --git a/pkg/sentry/fs/tmpfs/fs.go b/pkg/sentry/fs/tmpfs/fs.go index 2e57f2b42..3ac0c4dd4 100644 --- a/pkg/sentry/fs/tmpfs/fs.go +++ b/pkg/sentry/fs/tmpfs/fs.go @@ -16,7 +16,6 @@ package tmpfs import ( "fmt" - "regexp" "strconv" "gvisor.googlesource.com/gvisor/pkg/abi/linux" @@ -39,13 +38,13 @@ const ( // TODO: support a tmpfs size limit. // size = "size" - // default permissions are read/write/execute. + // Permissions that exceed modeMask will be rejected. + modeMask = 01777 + + // Default permissions are read/write/execute. defaultMode = 0777 ) -// modeRegexp is the expected format of the mode option. -var modeRegexp = regexp.MustCompile("^[0-1]?[0-7][0-7][0-7]$") - // Filesystem is a tmpfs. // // +stateify savable @@ -91,15 +90,13 @@ func (f *Filesystem) Mount(ctx context.Context, device string, flags fs.MountSou // Parse the root directory permissions. perms := fs.FilePermsFromMode(defaultMode) if m, ok := options[modeKey]; ok { - if !modeRegexp.MatchString(m) { - return nil, fmt.Errorf("unsupported mode value: 'mode=%s'", m) - } - // It's basically impossible that we error out at this point, - // maybe we should panic. i, err := strconv.ParseUint(m, 8, 32) if err != nil { return nil, fmt.Errorf("mode value not parsable 'mode=%s': %v", m, err) } + if i&^modeMask != 0 { + return nil, fmt.Errorf("invalid mode %q: must be less than %o", m, modeMask) + } perms = fs.FilePermsFromMode(linux.FileMode(i)) delete(options, modeKey) } -- cgit v1.2.3