• Jann Horn's avatar
    fs/coredump: prevent "" / "." / ".." core path components · ac94b6e3
    Jann Horn authored
    Let %h and %e print empty values as "!", "." as "!" and
    ".." as "!.".
    
    This prevents hostnames and comm values that are empty or consist of one
    or two dots from changing the directory level at which the corefile will
    be stored.
    
    Consider the case where someone decides to sort coredumps by hostname
    with a core pattern like "/cores/%h/core.%e.%p.%t" or so.  In this
    case, hostnames "" and "." would cause the coredump to land directly in
    /cores, which is not what the intent behind the core pattern is, and
    ".." would cause the coredump to land in /.
    
    Yeah, there probably aren't many people who do that, but I still don't
    want this edgecase to be kind of broken.
    
    It seems very unlikely that this caused security issues anywhere, so I'm
    not requesting a stable backport.
    
    [akpm@linux-foundation.org: tweak code comment]
    Signed-off-by: default avatarJann Horn <jann@thejh.net>
    Acked-by: default avatarKees Cook <keescook@chromium.org>
    Cc: Alexander Viro <viro@zeniv.linux.org.uk>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    ac94b6e3
coredump.c 19.9 KB