diff options
| author | Mateusz Guzik <mjg@FreeBSD.org> | 2022-03-19 15:11:25 +0000 |
|---|---|---|
| committer | Mateusz Guzik <mjg@FreeBSD.org> | 2022-03-19 15:11:25 +0000 |
| commit | 6ff3e8a3165ea580c184cfad8ebd7cffc17b0271 (patch) | |
| tree | 060bd26ef13fb46c3c294390841e0df03afaaaa4 | |
| parent | eb574ba0b61a992e83dc96133ecfbcd4718b9131 (diff) | |
| download | src-6ff3e8a3165ea580c184cfad8ebd7cffc17b0271.tar.gz src-6ff3e8a3165ea580c184cfad8ebd7cffc17b0271.zip | |
cache: add a comment about a realpath bug
| -rw-r--r-- | sys/kern/vfs_cache.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index 13c84791583e..147d3075dfac 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -3119,6 +3119,17 @@ vn_getcwd(char *buf, char **retbuf, size_t *buflen) return (error); } +/* + * Canonicalize a path by walking it forward and back. + * + * BUGS: + * - Nothing guarantees the integrity of the entire chain. Consider the case + * where the path "foo/bar/baz/qux" is passed, but "bar" is moved out of + * "foo" into "quux" during the backwards walk. The result will be + * "quux/bar/baz/qux", which could not have been obtained by an incremental + * walk in userspace. Moreover, the path we return is inaccessible if the + * calling thread lacks permission to traverse "quux". + */ static int kern___realpathat(struct thread *td, int fd, const char *path, char *buf, size_t size, int flags, enum uio_seg pathseg) |