summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2010-01-26 08:15:41 -0500
committerJeff Layton <jlayton@redhat.com>2010-01-26 08:15:41 -0500
commita065c177dfc8f968775593ba00dffafeebb2e054 (patch)
treefcc1ace9adbe0e3e379b07e2f20ca952699048f8
parent3ae5dac462c4ed0fb2cd94553583c56fce2f9d80 (diff)
downloadsamba-a065c177dfc8f968775593ba00dffafeebb2e054.tar.gz
samba-a065c177dfc8f968775593ba00dffafeebb2e054.tar.bz2
samba-a065c177dfc8f968775593ba00dffafeebb2e054.zip
mount.cifs: check for invalid characters in device name and mountpoint
It's apparently possible to corrupt the mtab if you pass embedded newlines to addmntent. Apparently tabs are also a problem with certain earlier glibc versions. Backslashes are also a minor issue apparently, but we can't reasonably filter those. Make sure that neither the devname or mountpoint contain any problematic characters before allowing the mount to proceed. Signed-off-by: Jeff Layton <jlayton@redhat.com>
-rw-r--r--client/mount.cifs.c34
1 files changed, 34 insertions, 0 deletions
diff --git a/client/mount.cifs.c b/client/mount.cifs.c
index f30418bfc2..96f0c1c834 100644
--- a/client/mount.cifs.c
+++ b/client/mount.cifs.c
@@ -1164,6 +1164,36 @@ static void print_cifs_mount_version(void)
MOUNT_CIFS_VENDOR_SUFFIX);
}
+/*
+ * This function borrowed from fuse-utils...
+ *
+ * glibc's addmntent (at least as of 2.10 or so) doesn't properly encode
+ * newlines embedded within the text fields. To make sure no one corrupts
+ * the mtab, fail the mount if there are embedded newlines.
+ */
+static int check_newline(const char *progname, const char *name)
+{
+ char *s;
+ for (s = "\n"; *s; s++) {
+ if (strchr(name, *s)) {
+ fprintf(stderr, "%s: illegal character 0x%02x in mount entry\n",
+ progname, *s);
+ return EX_USAGE;
+ }
+ }
+ return 0;
+}
+
+static int check_mtab(const char *progname, const char *devname,
+ const char *dir)
+{
+ if (check_newline(progname, devname) == -1 ||
+ check_newline(progname, dir) == -1)
+ return EX_USAGE;
+ return 0;
+}
+
+
int main(int argc, char ** argv)
{
int c;
@@ -1607,6 +1637,10 @@ mount_retry:
if (verboseflag)
fprintf(stderr, "\n");
+ rc = check_mtab(thisprogram, dev_name, mountpoint);
+ if (rc)
+ goto mount_exit;
+
if (!fakemnt && mount(dev_name, ".", cifs_fstype, flags, options)) {
switch (errno) {
case ECONNREFUSED: