aboutsummaryrefslogtreecommitdiff
path: root/hw/9pfs/9p-local.h
AgeCommit message (Collapse)Author
2017-02-289pfs: local: open/opendir: don't follow symlinksGreg Kurz
The local_open() and local_opendir() callbacks are vulnerable to symlink attacks because they call: (1) open(O_NOFOLLOW) which follows symbolic links in all path elements but the rightmost one (2) opendir() which follows symbolic links in all path elements This patch converts both callbacks to use new helpers based on openat_nofollow() to only open files and directories if they are below the virtfs shared folder This partly fixes CVE-2016-9602. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>