kvmtool: 9p: fix path traversal vulnerabilities (9bb99a82) · Commits · linux-arm / kvmtool-cca

Commit 9bb99a82 authored Nov 10, 2016 by G. Campana Committed by Will Deacon Nov 18, 2016

kvmtool: 9p: fix path traversal vulnerabilities



A path traversal exists because the guest can send "../" sequences to
the host 9p handlers. To fix this vulnerability, we ensure that path
components sent by the guest don't contain "../" sequences.

Signed-off-by: G. Campana <gcampana+kvm@quarkslab.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>

parent 1cd6f516

Hide whitespace changes

Inline Side-by-side

Please register or to comment