Signed-off-by: Leah Rowe <leah@libreboot.org>
This commit is contained in:
Leah Rowe
2026-03-28 09:12:15 +00:00
parent c4ff9e5763
commit 93ecd26306
2 changed files with 19 additions and 0 deletions
+13
View File
@@ -691,6 +691,10 @@ rootfs(void)
}
/* filesystem sandboxing in userspace
* TODO:
missing length bound check.
potential CPU DoS on very long paths, spammed repeatedly.
perhaps cap at PATH_LEN?
*/
int
fs_resolve_at(int dirfd, const char *path, int flags)
@@ -754,6 +758,15 @@ err:
return -1;
}
/* NOTE:
rejects . and .. but not empty strings
after normalisation. edge case:
//////
normalised implicitly, but might be good
to add a defensive check regardless. code
probably not exploitable in current state.
*/
int
fs_next_component(const char **p,
char *name, size_t namesz)
+6
View File
@@ -821,6 +821,12 @@ err:
}
#endif
/* TODO: potential infinite loop under entropy failure.
* e.g. keeps returning low quality RNG, or atacker
* has control (DoS attack potential).
* possible solution: add a timeout (and abort if
* the timeout is reached)
*/
int
mkhtemp_fill_random(char *p, size_t xc)
{