lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1405955516-22016-1-git-send-email-alban.crequy@collabora.co.uk>
Date:	Mon, 21 Jul 2014 16:11:56 +0100
From:	Alban Crequy <alban.crequy@...labora.co.uk>
To:	cgroups@...r.kernel.org
Cc:	linux-kernel@...r.kernel.org, Tejun Heo <tj@...nel.org>,
	Li Zefan <lizefan@...wei.com>,
	Alban Crequy <alban.crequy@...labora.co.uk>
Subject: [PATCH] [RFC] cgroup: reject cgroup names with non-printing characters

/proc/<pid>/cgroup contains one cgroup path on each line. If cgroup names are
allowed to contain "\n", applications cannot parse /proc/<pid>/cgroup safely.

I use < 0x20 as seen in vfat_bad_char; is it safe to use isprint()?

Signed-off-by: Alban Crequy <alban.crequy@...labora.co.uk>
---
 kernel/cgroup.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index 70776ae..e2df5e7 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -4378,6 +4378,20 @@ err_free_css:
 	return err;
 }
 
+/* Inspired by vfat_bad_char: do not accept non-printing characters. In
+ * particular, reject '\n' to prevent making /proc/<pid>/cgroup unparsable.
+ */
+static inline int cgroup_is_used_badchars(const char *s)
+{
+	int i;
+
+	for (i = 0; s[i] != '\0'; i++)
+		if (s[i] < 0x20)
+			return -EINVAL;
+
+	return 0;
+}
+
 static int cgroup_mkdir(struct kernfs_node *parent_kn, const char *name,
 			umode_t mode)
 {
@@ -4387,6 +4401,11 @@ static int cgroup_mkdir(struct kernfs_node *parent_kn, const char *name,
 	struct kernfs_node *kn;
 	int ssid, ret;
 
+	/* do not create cgroups with bad names */
+	ret = cgroup_is_used_badchars(name);
+	if (ret)
+		return ret;
+
 	parent = cgroup_kn_lock_live(parent_kn);
 	if (!parent)
 		return -ENODEV;
-- 
1.8.5.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ