Author: todd
Date: Tue Jan 15 00:12:47 2013
New Revision: 1433229
URL: http://svn.apache.org/viewvc?rev=1433229&view=rev
Log:
HDFS-4401. Fix bug in DomainSocket path validation. Contributed by Colin
Patrick McCabe.
Modified:
hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
Modified:
hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c?rev=1433229&r1=1433228&r2=1433229&view=diff
==============================================================================
---
hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
(original)
+++
hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
Tue Jan 15 00:12:47 2013
@@ -232,7 +232,7 @@ Java_org_apache_hadoop_net_unix_DomainSo
JNIEnv *env, jclass clazz, jobject jstr, jint skipComponents)
{
jint utfLength;
- char path[PATH_MAX], check[PATH_MAX] = { 0 }, *token, *rest;
+ char path[PATH_MAX], check[PATH_MAX], *token, *rest;
struct stat st;
int ret, mode, strlenPath;
uid_t uid;
@@ -263,21 +263,26 @@ JNIEnv *env, jclass clazz, jobject jstr,
"must not end in a slash.", path);
goto done;
}
- rest = path;
- while ((token = strtok_r(rest, "/", &rest))) {
- strcat(check, "/");
+ // This loop iterates through all of the path components except for the very
+ // last one. We don't validate the last component, since it's not supposed
to
+ // be a directory. (If it is a directory, we will fail to create the socket
+ // later with EISDIR or similar.)
+ for (check[0] = '/', check[1] = '\0', rest = path, token = "";
+ token && rest[0];
+ token = strtok_r(rest, "/", &rest)) {
+ if (strcmp(check, "/") != 0) {
+ // If the previous directory we checked was '/', we skip appending
another
+ // slash to the end because it would be unncessary. Otherwise we do it.
+ strcat(check, "/");
+ }
+ // These strcats are safe because the length of 'check' is the same as the
+ // length of 'path' and we never add more slashes than were in the original
+ // path.
strcat(check, token);
if (skipComponents > 0) {
skipComponents--;
continue;
}
- if (!index(rest, '/')) {
- /* Don't validate the last component, since it's not supposed to be a
- * directory. (If it is a directory, we will fail to create the socket
- * later with EISDIR or similar.)
- */
- break;
- }
if (stat(check, &st) < 0) {
ret = errno;
jthr = newIOException(env, "failed to stat a path component: '%s'. "
Modified:
hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java?rev=1433229&r1=1433228&r2=1433229&view=diff
==============================================================================
---
hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
(original)
+++
hadoop/common/branches/HDFS-347/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
Tue Jan 15 00:12:47 2013
@@ -698,7 +698,7 @@ public class TestDomainSocket {
"component: ", e);
}
// Root should be secure
- DomainSocket.validateSocketPathSecurity0("/foo", 0);
+ DomainSocket.validateSocketPathSecurity0("/foo", 1);
} finally {
tmp.close();
}
