[PATCH 1/2] erofs-utils: fsck: never follow exist symlinks when overwriting

Gao Xiang hsiangkao at linux.alibaba.com
Wed Jan 26 14:37:25 AEDT 2022


Otherwise, we could face potential security issues.

Fixes: 412c8f908132 ("erofs-utils: fsck: add --extract=X support to extract to path X")
Signed-off-by: Gao Xiang <hsiangkao at linux.alibaba.com>
---
 fsck/main.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fsck/main.c b/fsck/main.c
index 14534b9..f2af609 100644
--- a/fsck/main.c
+++ b/fsck/main.c
@@ -496,8 +496,8 @@ static inline int erofs_extract_file(struct erofs_inode *inode)
 
 again:
 	fd = open(fsckcfg.extract_path,
-		  O_WRONLY | O_CREAT | (fsckcfg.overwrite ? O_TRUNC : O_EXCL),
-		  0700);
+		  O_WRONLY | O_CREAT | O_NOFOLLOW |
+			(fsckcfg.overwrite ? O_TRUNC : O_EXCL), 0700);
 	if (fd < 0) {
 		if (fsckcfg.overwrite && tryagain) {
 			if (errno == EISDIR) {
-- 
2.24.4



More information about the Linux-erofs mailing list