From 75063b2e14dacc13fcbeeba24e580198a7c1c638 Mon Sep 17 00:00:00 2001 From: David Oberhollenzer Date: Tue, 5 Jul 2022 12:16:36 +0200 Subject: Make sqfs_tree_node_get_path more robust Test against various invariants: - Every non-root node must have a name - The root node muts not have a name - The name must not be ".." or "." - The name must not contain '/' - The loop that chases parent pointers must terminate, i.e. we must never reach the starting state again (link loop). Furthermore, make sure the sum of all path components plus separators does not overflow. Signed-off-by: David Oberhollenzer --- lib/common/hardlink.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'lib/common') diff --git a/lib/common/hardlink.c b/lib/common/hardlink.c index 031724b..f8d4d4a 100644 --- a/lib/common/hardlink.c +++ b/lib/common/hardlink.c @@ -49,9 +49,9 @@ static int map_nodes(rbtree_t *inumtree, sqfs_hard_link_t **out, goto fail_oom; lnk->inode_number = idx; - lnk->target = sqfs_tree_node_get_path(target); - if (lnk->target == NULL) - goto fail_oom; + ret = sqfs_tree_node_get_path(target, &lnk->target); + if (ret != 0) + goto fail_path; if (canonicalize_name(lnk->target) == 0) { lnk->next = (*out); @@ -61,6 +61,10 @@ static int map_nodes(rbtree_t *inumtree, sqfs_hard_link_t **out, free(lnk); } return 0; +fail_path: + sqfs_perror(NULL, "re-constructing hard link path", ret); + free(lnk); + return -1; fail_oom: fputs("detecting hard links in file system tree: out of memory\n", stderr); -- cgit v1.2.3