From nobody Mon Feb 9 11:31:56 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1567062875; cv=none; d=zoho.com; s=zohoarc; b=NjAYaappf30L7PzRH7iArPpl4CWDQF4MQOgGe1tRHRv4PaucoE/CjtUPhzTgzuW/lqjUAde+2bGar3Y0eHyFxoJq2lECCI3nDQvUS+ZJSLf4gMVt+3zNxkJjpovM0G2gLEcVqmjNdf6Y7b/SCGwMlwOhi5NYpkvTv1uIsBw3Njo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1567062875; h=Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=sh2e3eGHakWUWBaqnNYz8zPRorJyx1CfQUbutwCCdc4=; b=GxHa6q0tNtxOxtEonNPZ6GenJnfN8zaR4xIF6dsf5STe0ZUHrGguZqiiPXyQNZOX3LKR+YXfiBAORWhDwDsOnvyCGVHassDBkDjooViSubDmszKDQ93/LPPE8709U02e0ssU7ZdA2he8g/CKiA2+h69rh9lNK1cbl70hxNHdQO0= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1567062875601595.9191402236859; Thu, 29 Aug 2019 00:14:35 -0700 (PDT) Received: from localhost ([::1]:46162 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1i3Ede-0005uw-HS for importer@patchew.org; Thu, 29 Aug 2019 03:14:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43499) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1i3EZh-0001NY-53 for qemu-devel@nongnu.org; Thu, 29 Aug 2019 03:10:30 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1i3EZf-000546-3R for qemu-devel@nongnu.org; Thu, 29 Aug 2019 03:10:29 -0400 Received: from mx1.redhat.com ([209.132.183.28]:59212) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1i3EZb-000500-9z for qemu-devel@nongnu.org; Thu, 29 Aug 2019 03:10:25 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3085F8980E2 for ; Thu, 29 Aug 2019 07:10:22 +0000 (UTC) Received: from sirius.home.kraxel.org (ovpn-116-95.ams2.redhat.com [10.36.116.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1D3FD60872; Thu, 29 Aug 2019 07:10:17 +0000 (UTC) Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 6272E31E86; Thu, 29 Aug 2019 09:10:16 +0200 (CEST) From: Gerd Hoffmann To: qemu-devel@nongnu.org Date: Thu, 29 Aug 2019 09:10:16 +0200 Message-Id: <20190829071016.16589-4-kraxel@redhat.com> In-Reply-To: <20190829071016.16589-1-kraxel@redhat.com> References: <20190829071016.16589-1-kraxel@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.67]); Thu, 29 Aug 2019 07:10:22 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 3/3] usb-mtp: add sanity checks on rootdir X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Bandan Das , Gerd Hoffmann Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Bandan Das Currently, we don't check if rootdir exists and is accessible. Furthermore, a trailing slash results in a null "desc" string which ends up in the share not visible in the guest. Add some simple sanity checks for appropriate permissions. Also, bail out if the user does not supply an absolute path. Signed-off-by: Bandan Das Message-id: jpga7bto3on.fsf@linux.bootlegged.copy Signed-off-by: Gerd Hoffmann --- hw/usb/dev-mtp.c | 38 ++++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c index 9846e4b5130b..7c07295519d3 100644 --- a/hw/usb/dev-mtp.c +++ b/hw/usb/dev-mtp.c @@ -2038,26 +2038,36 @@ static void usb_mtp_realize(USBDevice *dev, Error *= *errp) { MTPState *s =3D USB_MTP(dev); =20 - usb_desc_create_serial(dev); - usb_desc_init(dev); - QTAILQ_INIT(&s->objects); - if (s->desc =3D=3D NULL) { - if (s->root =3D=3D NULL) { - error_setg(errp, "usb-mtp: rootdir property must be configured= "); - return; - } - s->desc =3D strrchr(s->root, '/'); - if (s->desc && s->desc[0]) { - s->desc =3D g_strdup(s->desc + 1); - } else { - s->desc =3D g_strdup("none"); - } + if ((s->root =3D=3D NULL) || !g_path_is_absolute(s->root)) { + error_setg(errp, "usb-mtp: rootdir must be configured and be an ab= solute path"); + return; } + + if (access(s->root, R_OK) !=3D 0) { + error_setg(errp, "usb-mtp: rootdir does not exist/not readable"); + return; + } else if (!s->readonly && access(s->root, W_OK) !=3D 0) { + error_setg(errp, "usb-mtp: rootdir does not have write permissions= "); + return; + } + /* Mark store as RW */ if (!s->readonly) { s->flags |=3D (1 << MTP_FLAG_WRITABLE); } =20 + if (s->desc =3D=3D NULL) { + /* + * This does not check if path exists + * but we have the checks above + */ + s->desc =3D g_path_get_basename(s->root); + } + + usb_desc_create_serial(dev); + usb_desc_init(dev); + QTAILQ_INIT(&s->objects); + } =20 static const VMStateDescription vmstate_usb_mtp =3D { --=20 2.18.1