diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2023-01-27 13:39:30 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2023-01-27 13:39:30 -0800 |
| commit | 0acffb235fbf57f11a3da1098f9134825ac7c1c9 (patch) | |
| tree | dc48431df7e75b16e902e40a97c51059974727dc | |
| parent | 76e26e3c6a49b368a6fd38e2da2b1b164470cc52 (diff) | |
| parent | 4f11ada10d0ad3fd53e2bd67806351de63a4f9c3 (diff) | |
| download | linux-0acffb235fbf57f11a3da1098f9134825ac7c1c9.tar.bz2 | |
Merge tag 'ovl-fixes-6.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs
Pull overlayfs fixes from Miklos Szeredi:
"Fix two bugs, a recent one introduced in the last cycle, and an older
one from v5.11"
* tag 'ovl-fixes-6.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
ovl: fail on invalid uid/gid mapping at copy up
ovl: fix tmpfile leak
| -rw-r--r-- | fs/overlayfs/copy_up.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c index 6e4e65ee050d..c14e90764e35 100644 --- a/fs/overlayfs/copy_up.c +++ b/fs/overlayfs/copy_up.c @@ -792,7 +792,7 @@ static int ovl_copy_up_tmpfile(struct ovl_copy_up_ctx *c) if (!c->metacopy && c->stat.size) { err = ovl_copy_up_file(ofs, c->dentry, tmpfile, c->stat.size); if (err) - return err; + goto out_fput; } err = ovl_copy_up_metadata(c, temp); @@ -1011,6 +1011,10 @@ static int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry, if (err) return err; + if (!kuid_has_mapping(current_user_ns(), ctx.stat.uid) || + !kgid_has_mapping(current_user_ns(), ctx.stat.gid)) + return -EOVERFLOW; + ctx.metacopy = ovl_need_meta_copy_up(dentry, ctx.stat.mode, flags); if (parent) { |