From nobody Sun Apr 28 10:20:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566996642; cv=none; d=zoho.com; s=zohoarc; b=P8w5OzfcQLxZTEqysknnf4T5mev3k9GEG+KOxQgAfYHoMFAqyfOd8r9RjNFPAXWqfYsmkZzgUK80o/0K5O+fXtzffxYDB8PDWx6KVn+fJkS2w53AnGdAsYJz/GT6h0JBPtPSX8XUSK7ZKuuipS7bTt68EYLl879eTzIvaVxImYE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566996642; h=Content-Type:Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To:ARC-Authentication-Results; bh=fXwDjvkiSR51wUgfwZrv0qPbwyHG613OWjY8sff0fSw=; b=SYpEs+qYp5KMjzRRENza8iuaIoPPIl4hQipy5ijYO4fCkMjiARkHLoM+WYmkMNWK09moX91GOuIFpXDGA8GHISrQ/T5TfjjcJ5v/GvtYtOq3TetJzZlb94py7/UKiHA+zZhUHbQKq5rnidkutYw3ex5o/cYKmh/DFswVao0tV+k= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 156699664249314.5818110542275; Wed, 28 Aug 2019 05:50:42 -0700 (PDT) Received: from localhost ([::1]:36016 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1i2xPK-0006rE-S5 for importer@patchew.org; Wed, 28 Aug 2019 08:50:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:57318) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1i2xOO-0006Rs-C5 for qemu-devel@nongnu.org; Wed, 28 Aug 2019 08:49:41 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1i2xOM-0003i3-OI for qemu-devel@nongnu.org; Wed, 28 Aug 2019 08:49:39 -0400 Received: from mx1.redhat.com ([209.132.183.28]:29216) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1i2xOM-0003hY-J2 for qemu-devel@nongnu.org; Wed, 28 Aug 2019 08:49:38 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0F56618B3D86 for ; Wed, 28 Aug 2019 12:49:37 +0000 (UTC) Received: from gigantic.usersys.redhat.com (helium.bos.redhat.com [10.18.17.132]) by smtp.corp.redhat.com (Postfix) with ESMTPS id F38645D717; Wed, 28 Aug 2019 12:49:29 +0000 (UTC) From: Bandan Das To: qemu-devel@nongnu.org Date: Wed, 28 Aug 2019 08:49:28 -0400 Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.63]); Wed, 28 Aug 2019 12:49:37 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH] usb-mtp: add sanity checks on rootdir X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Daniel P. =?utf-8?Q?Berrang=C3=A9?=" , Gerd Hoffmann Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Currently, we don't check if rootdir exists and is accessible. Furthermore, a trailing slash results in a null "desc" string which ends up in the share not visible in the guest. Add some simple sanity checks for appropriate permissions. Also, bail out if the user does not supply an absolute path. Signed-off-by: Bandan Das --- hw/usb/dev-mtp.c | 38 ++++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c index 9846e4b513..7c07295519 100644 --- a/hw/usb/dev-mtp.c +++ b/hw/usb/dev-mtp.c @@ -2038,26 +2038,36 @@ static void usb_mtp_realize(USBDevice *dev, Error *= *errp) { MTPState *s =3D USB_MTP(dev); =20 - usb_desc_create_serial(dev); - usb_desc_init(dev); - QTAILQ_INIT(&s->objects); - if (s->desc =3D=3D NULL) { - if (s->root =3D=3D NULL) { - error_setg(errp, "usb-mtp: rootdir property must be configured= "); - return; - } - s->desc =3D strrchr(s->root, '/'); - if (s->desc && s->desc[0]) { - s->desc =3D g_strdup(s->desc + 1); - } else { - s->desc =3D g_strdup("none"); - } + if ((s->root =3D=3D NULL) || !g_path_is_absolute(s->root)) { + error_setg(errp, "usb-mtp: rootdir must be configured and be an ab= solute path"); + return; } + + if (access(s->root, R_OK) !=3D 0) { + error_setg(errp, "usb-mtp: rootdir does not exist/not readable"); + return; + } else if (!s->readonly && access(s->root, W_OK) !=3D 0) { + error_setg(errp, "usb-mtp: rootdir does not have write permissions= "); + return; + } + /* Mark store as RW */ if (!s->readonly) { s->flags |=3D (1 << MTP_FLAG_WRITABLE); } =20 + if (s->desc =3D=3D NULL) { + /* + * This does not check if path exists + * but we have the checks above + */ + s->desc =3D g_path_get_basename(s->root); + } + + usb_desc_create_serial(dev); + usb_desc_init(dev); + QTAILQ_INIT(&s->objects); + } =20 static const VMStateDescription vmstate_usb_mtp =3D { --=20 2.20.1