upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-08 16:22:46 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

copy_file_range: require CAP_SEEK capability

Browse source 
When using copy_file_range(2) with an offset parameter,
the CAP_SEEK capability should be required.
This requirement is similar to the behavior observed with
pread(2)/pwrite(2).

Reported by:	theraven
Reviewed by:    emaste, theraven, kib, markj
Approved by:	secteam
Differential Revision:  https://reviews.freebsd.org/D41967

(cherry picked from commit 15a51d3aba)
This commit is contained in:
Mariusz Zaborski 2023-09-28 15:24:39 +02:00
parent 6f63d749fe
commit 87d68b131e
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
sys/kern/vfs_syscalls.c
View file

@ -4899,7 +4899,8 @@ kern_copy_file_range(struct thread *td, int infd, off_t *inoffp, int outfd,
len = SSIZE_MAX;
/* Get the file structures for the file descriptors. */
error = fget_read(td, infd, &cap_read_rights, &infp);
error = fget_read(td, infd,
inoffp != NULL ? &cap_pread_rights : &cap_read_rights, &infp);
if (error != 0)
goto out;
if (infp->f_ops == &badfileops) {
@ -4910,7 +4911,8 @@ kern_copy_file_range(struct thread *td, int infd, off_t *inoffp, int outfd,
error = EINVAL;
goto out;
}
error = fget_write(td, outfd, &cap_write_rights, &outfp);
error = fget_write(td, outfd,
outoffp != NULL ? &cap_pwrite_rights : &cap_write_rights, &outfp);
if (error != 0)
goto out;
if (outfp->f_ops == &badfileops) {