From a065c177dfc8f968775593ba00dffafeebb2e054 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Tue, 26 Jan 2010 08:15:41 -0500 Subject: [PATCH] mount.cifs: check for invalid characters in device name and mountpoint It's apparently possible to corrupt the mtab if you pass embedded newlines to addmntent. Apparently tabs are also a problem with certain earlier glibc versions. Backslashes are also a minor issue apparently, but we can't reasonably filter those. Make sure that neither the devname or mountpoint contain any problematic characters before allowing the mount to proceed. Signed-off-by: Jeff Layton --- client/mount.cifs.c | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/client/mount.cifs.c b/client/mount.cifs.c index f30418bfc26..96f0c1c834f 100644 --- a/client/mount.cifs.c +++ b/client/mount.cifs.c @@ -1164,6 +1164,36 @@ static void print_cifs_mount_version(void) MOUNT_CIFS_VENDOR_SUFFIX); } +/* + * This function borrowed from fuse-utils... + * + * glibc's addmntent (at least as of 2.10 or so) doesn't properly encode + * newlines embedded within the text fields. To make sure no one corrupts + * the mtab, fail the mount if there are embedded newlines. + */ +static int check_newline(const char *progname, const char *name) +{ + char *s; + for (s = "\n"; *s; s++) { + if (strchr(name, *s)) { + fprintf(stderr, "%s: illegal character 0x%02x in mount entry\n", + progname, *s); + return EX_USAGE; + } + } + return 0; +} + +static int check_mtab(const char *progname, const char *devname, + const char *dir) +{ + if (check_newline(progname, devname) == -1 || + check_newline(progname, dir) == -1) + return EX_USAGE; + return 0; +} + + int main(int argc, char ** argv) { int c; @@ -1607,6 +1637,10 @@ mount_retry: if (verboseflag) fprintf(stderr, "\n"); + rc = check_mtab(thisprogram, dev_name, mountpoint); + if (rc) + goto mount_exit; + if (!fakemnt && mount(dev_name, ".", cifs_fstype, flags, options)) { switch (errno) { case ECONNREFUSED: -- 2.11.4.GIT