mirror of
https://github.com/opnsense/src.git
synced 2026-05-28 04:12:45 -04:00
db4f457f16
The NFS RFCs are pretty loose with respect to what characters
can be in a filename returned by a Readdir. However, FreeBSD,
as a POSIX system will not handle imbedded '/' or nul characters
in file names. Also, for NFSv4, the file names "." and ".."
are handcrafted on the client and should not be returned by a
NFSv4 server.
This patch scans for the above in filenames returned by Readdir and
ignores any entry returned by Readdir which has them in it.
Because an imbedded nul would be a string terminator, it was
not possible to code this check efficiently using string(3)
functions.
Approved by: so
Security: FreeBSD-SA-24:07.nfsclient
Security: CVE-2024-6759
Reported by: Apple Security Engineering and Architecture (SEAR)
(cherry picked from commit 026cdaa3b3a92574d9ac3155216e5cc0b0bd4c51)
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| nfs.h | ||
| nfs_clbio.c | ||
| nfs_clcomsubs.c | ||
| nfs_clkdtrace.c | ||
| nfs_clkrpc.c | ||
| nfs_clnfsiod.c | ||
| nfs_clnode.c | ||
| nfs_clport.c | ||
| nfs_clrpcops.c | ||
| nfs_clstate.c | ||
| nfs_clsubs.c | ||
| nfs_clvfsops.c | ||
| nfs_clvnops.c | ||
| nfs_kdtrace.h | ||
| nfsmount.h | ||
| nfsnode.h | ||
| nlminfo.h | ||