iSulad/0053-prevent-the-parent-dir-from-being-bind-mounted-to-th.patch

From 05117ed2887ee1535978170cd06596ee015951f4 Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Tue, 12 Dec 2023 20:26:30 +0800
Subject: [PATCH 53/64] prevent the parent dir from being bind mounted to the
 subdir

Signed-off-by: zhongtao <zhongtao17@huawei.com>
---
 src/utils/tar/util_archive.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/src/utils/tar/util_archive.c b/src/utils/tar/util_archive.c
index e8fad391..29c2bc03 100644
--- a/src/utils/tar/util_archive.c
+++ b/src/utils/tar/util_archive.c
@@ -182,6 +182,26 @@ unlock_out:
     return ret;
 }
 
+static int is_parent_directory(const char *parent_path, const char *child_path)
+{
+    size_t parent_len = strlen(parent_path);
+    size_t child_len = strlen(child_path);
+
+    if (parent_len == 0 || child_len == 0 || parent_len >= child_len) {
+        return -1;
+    }
+
+    if (strncmp(parent_path, child_path, parent_len) != 0) {
+        return -1;
+    }
+
+    if (child_path[parent_len] != '/') {
+        return -1;
+    }
+
+    return 0;
+}
+
 static int make_safedir_is_noexec(const char *flock_path, const char *dstdir, char **safe_dir)
 {
     struct stat buf;
@@ -235,6 +255,12 @@ static int make_safedir_is_noexec(const char *flock_path, const char *dstdir, ch
         return -1;
     }
 
+    // prevent the parent directory from being bind mounted to the subdirectory
+    if (is_parent_directory(dstdir, tmp_dir) == 0) {
+        ERROR("Cannot bind mount the parent directory: %s to its subdirectory: %s", dstdir, tmp_dir);
+        return -1;
+    }
+
     if (bind_mount_with_flock(flock_path, dstdir, tmp_dir) != 0) {
         ERROR("Failed to bind mount from %s to %s with flock", dstdir, tmp_dir);
         if (util_path_remove(tmp_dir) != 0) {
-- 
2.42.0
!638 upgrade from upstream * upgrade from upstream 2023-12-21 02:03:18 +00:00			`From 05117ed2887ee1535978170cd06596ee015951f4 Mon Sep 17 00:00:00 2001`
			`From: zhongtao <zhongtao17@huawei.com>`
			`Date: Tue, 12 Dec 2023 20:26:30 +0800`
			`Subject: [PATCH 53/64] prevent the parent dir from being bind mounted to the`
			`subdir`

			`Signed-off-by: zhongtao <zhongtao17@huawei.com>`
			`---`
			`src/utils/tar/util_archive.c \| 26 ++++++++++++++++++++++++++`
			`1 file changed, 26 insertions(+)`

			`diff --git a/src/utils/tar/util_archive.c b/src/utils/tar/util_archive.c`
			`index e8fad391..29c2bc03 100644`
			`--- a/src/utils/tar/util_archive.c`
			`+++ b/src/utils/tar/util_archive.c`
			`@@ -182,6 +182,26 @@ unlock_out:`
			`return ret;`
			`}`

			`+static int is_parent_directory(const char parent_path, const char child_path)`
			`+{`
			`+ size_t parent_len = strlen(parent_path);`
			`+ size_t child_len = strlen(child_path);`
			`+`
			`+ if (parent_len == 0 \|\| child_len == 0 \|\| parent_len >= child_len) {`
			`+ return -1;`
			`+ }`
			`+`
			`+ if (strncmp(parent_path, child_path, parent_len) != 0) {`
			`+ return -1;`
			`+ }`
			`+`
			`+ if (child_path[parent_len] != '/') {`
			`+ return -1;`
			`+ }`
			`+`
			`+ return 0;`
			`+}`
			`+`
			`static int make_safedir_is_noexec(const char flock_path, const char dstdir, char **safe_dir)`
			`{`
			`struct stat buf;`
			`@@ -235,6 +255,12 @@ static int make_safedir_is_noexec(const char flock_path, const char dstdir, ch`
			`return -1;`
			`}`

			`+ // prevent the parent directory from being bind mounted to the subdirectory`
			`+ if (is_parent_directory(dstdir, tmp_dir) == 0) {`
			`+ ERROR("Cannot bind mount the parent directory: %s to its subdirectory: %s", dstdir, tmp_dir);`
			`+ return -1;`
			`+ }`
			`+`
			`if (bind_mount_with_flock(flock_path, dstdir, tmp_dir) != 0) {`
			`ERROR("Failed to bind mount from %s to %s with flock", dstdir, tmp_dir);`
			`if (util_path_remove(tmp_dir) != 0) {`
			`--`
			`2.42.0`