[PATCH review 4/4] vfs: Do not allow escaping from bind mounts.
Eric W. Biederman
ebiederm at xmission.com
Thu Apr 9 16:52:15 UTC 2015
Jann Horn <jann at thejh.net> writes:
> On Wed, Apr 08, 2015 at 06:34:12PM -0500, Eric W. Biederman wrote:
>> +static unsigned d_depth(const struct dentry *dentry)
>> +{
>> + unsigned depth = 0;
>> +
>> + while (!IS_ROOT(dentry)) {
>> + dentry = dentry->d_parent;
>> + depth++;
>> + }
>> + return depth;
>> +}
>
> This relies on a depth of 2^32 being impossible, right? Which is guaranteed
> somewhat because you would need something like a terabyte of RAM to have
> that many dentries in RAM? I can't find any explicit check. Maybe it would
> make sense to let the depth be 64 bits or add some kind of overflow check?
> Or did I just miss some kind of check on allocation?
Well there is the 4K PATH_MAX.
If nothing else your performance will grind to a halt if you attempt to
use a path that deeply nested.
That said it doesn't cost us anything to make the variables
unsigned long and it avoids having to worry about this piece of code.
I will respin this patch.
Eric
More information about the Containers
mailing list