diff options
| author | Mike Snitzer <snitzer@redhat.com> | 2009-04-29 15:25:09 -0400 |
|---|---|---|
| committer | Mike Snitzer <snitzer@redhat.com> | 2009-04-29 15:25:09 -0400 |
| commit | 40c1294b8d75e98918b1df5b1e9b4e69f0fd4f28 (patch) | |
| tree | bce4a40e6e6f903317342a22f95aa2ca79937a3d /multipathd | |
| parent | 3b3a6d968b6facb30e288cedd17ed08e73c37404 (diff) | |
| download | multipath-tools-40c1294b8d75e98918b1df5b1e9b4e69f0fd4f28.tar.gz multipath-tools-40c1294b8d75e98918b1df5b1e9b4e69f0fd4f28.tar.bz2 multipath-tools-40c1294b8d75e98918b1df5b1e9b4e69f0fd4f28.zip | |
do not allow relative path names to be added to the pathvec
CVE-2009-0115 taught us that such paths should not be tolerated
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Diffstat (limited to 'multipathd')
| -rw-r--r-- | multipathd/main.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/multipathd/main.c b/multipathd/main.c index f2848fb..c7ef4df 100644 --- a/multipathd/main.c +++ b/multipathd/main.c @@ -353,6 +353,14 @@ ev_add_path (char * devname, struct vectors * vecs) struct path * pp; char empty_buff[WWID_SIZE] = {0}; + if (strstr(devname, "..") != NULL) { + /* + * Don't allow relative device names in the pathvec + */ + condlog(0, "%s: path name is invalid", devname); + return 1; + } + pp = find_path_by_dev(vecs->pathvec, devname); if (pp) { |