[gentoo-commits] proj/sandbox:master commit in: libsandbox/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Mike Gilbert" <floppym@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/sandbox:master commit in: libsandbox/
Date: Mon, 22 Jan 2024 21:41:32 +0000 (UTC)	[thread overview]
Message-ID: <1704744249.ef9208bea4e0f0dff5abf358002565f36e4d7a8d.floppym@gentoo> (raw)

commit:     ef9208bea4e0f0dff5abf358002565f36e4d7a8d
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Mon Jan  8 19:59:35 2024 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Mon Jan  8 20:04:09 2024 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=ef9208be

libsandbox: stat the original path for EEXIST hackaround

Resolves an issue that can occur with paths that contain parent
directory references (/../).

If part of the path does not exist, the sandboxed program should get ENOENT,
not EEXIST. If we use the canonicalized path, intermediate paths will be
eliminated and we produce the wrong result.

Bug: https://bugs.gentoo.org/921581
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 libsandbox/pre_check_mkdirat.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libsandbox/pre_check_mkdirat.c b/libsandbox/pre_check_mkdirat.c
index b1e86cf..49c382a 100644
--- a/libsandbox/pre_check_mkdirat.c
+++ b/libsandbox/pre_check_mkdirat.c
@@ -37,7 +37,7 @@ bool sb_mkdirat_pre_check(const char *func, const char *pathname, int dirfd)
 	 * will trigger a sandbox violation.
 	 */
 	struct stat64 st;
-	if (0 == lstat64(canonic, &st)) {
+	if (0 == lstat64(pathname, &st)) {
 		int new_errno;
 		sb_debug_dyn("EARLY FAIL: %s(%s[%s]) @ lstat: %s\n",
 			func, pathname, canonic, strerror(errno));

next             reply	other threads:[~2024-01-22 21:41 UTC|newest]

Thread overview: 62+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-01-22 21:41 Mike Gilbert [this message]
  -- strict thread matches above, loose matches on Subject: below --
2025-01-08  2:12 [gentoo-commits] proj/sandbox:stable-2.x commit in: libsandbox/ Mike Gilbert
2025-01-14  4:38 ` [gentoo-commits] proj/sandbox:master " Mike Gilbert
2024-12-22 19:19 [gentoo-commits] proj/sandbox:stable-2.x " Mike Gilbert
2025-01-14  4:38 ` [gentoo-commits] proj/sandbox:master " Mike Gilbert
2024-12-22 19:19 [gentoo-commits] proj/sandbox:stable-2.x " Mike Gilbert
2025-01-14  4:38 ` [gentoo-commits] proj/sandbox:master " Mike Gilbert
2024-12-22 19:02 Mike Gilbert
2024-12-22 19:02 Mike Gilbert
2024-12-22  3:49 [gentoo-commits] proj/sandbox:stable-2.x " Mike Gilbert
2025-01-14  4:38 ` [gentoo-commits] proj/sandbox:master " Mike Gilbert
2024-12-22  3:41 Mike Gilbert
2024-11-04 19:15 Mike Gilbert
2024-01-27 18:05 Mike Gilbert
2023-08-08 15:27 Mike Gilbert
2023-08-05 23:38 Mike Gilbert
2023-08-05 23:38 Mike Gilbert
2023-08-05 23:38 Mike Gilbert
2023-08-05 23:38 Mike Gilbert
2023-08-04  0:26 Mike Gilbert
2023-08-01 14:14 Mike Gilbert
2021-11-03 16:40 Mike Frysinger
2021-11-03 16:40 Mike Frysinger
2021-11-03  6:59 Mike Frysinger
2021-10-31 23:54 Mike Frysinger
2021-10-28  9:56 Mike Frysinger
2021-10-28  7:14 Mike Frysinger
2021-10-28  3:41 Mike Frysinger
2021-10-23 22:19 Mike Frysinger
2021-10-23  6:10 Mike Frysinger
2021-10-23  6:10 Mike Frysinger
2021-10-22  4:20 Mike Frysinger
2021-10-22  4:15 Mike Frysinger
2021-10-21 20:37 Mike Frysinger
2021-10-21 20:37 Mike Frysinger
2021-10-21  1:51 Mike Frysinger
2021-10-18 22:04 Mike Frysinger
2021-09-07 15:35 Michał Górny
2021-04-02 11:22 Sergei Trofimovich
2021-03-15 18:08 Sergei Trofimovich
2019-06-25  6:42 Sergei Trofimovich
2018-12-02 15:22 Michał Górny
2018-07-19 11:50 Michał Górny
2018-02-18 21:32 Michał Górny
2017-10-03 16:42 Ian Stakenvicius
2017-10-03 16:39 Michał Górny
2016-03-30  5:22 Mike Frysinger
2016-03-29 12:24 Mike Frysinger
2015-12-19 18:10 Mike Frysinger
2015-12-19 18:10 Mike Frysinger
2015-12-19  7:29 Mike Frysinger
2015-09-27  6:13 Mike Frysinger
2015-09-27  6:13 Mike Frysinger
2015-09-20  8:15 Mike Frysinger
2015-09-20  8:15 Mike Frysinger
2015-09-20  8:15 Mike Frysinger
2015-09-20  8:15 Mike Frysinger
2015-09-11  7:53 Mike Frysinger
2013-02-25  4:12 Mike Frysinger
2013-02-25  4:08 Mike Frysinger
2012-06-23 23:12 Mike Frysinger
2012-06-23 22:40 Mike Frysinger
2012-06-23 21:21 Mike Frysinger
2012-03-07  5:28 Mike Frysinger
2011-07-08 19:53 Mike Frysinger
2011-07-08 19:53 Mike Frysinger

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:b1e86cf dfblob:49c382a )
 OR (
bs:"[gentoo-commits] proj/sandbox:master commit in: libsandbox/" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1704744249.ef9208bea4e0f0dff5abf358002565f36e4d7a8d.floppym@gentoo \
    --to=floppym@gentoo.org \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox