Message ID | 95b7c243dae00ef4fd745f2b6d2cd0c979779237.1731514115.git.bcodding@redhat.com (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | libnsm: safer atomic filenames | expand |
On Wed, Nov 13, 2024 at 11:11:11AM -0500, Benjamin Coddington wrote: > We've gotten a report of reboot notifications being sent to domains that > end in '.new', which can happen if the NSM temporary pathname code leaves a > file behind. Let's fix this up by prepending a single '.' to the temp path > which will never be resolvable as a DNS record. > > https://lore.kernel.org/linux-nfs/04D30B5A-C53E-4920-ADCB-C77F5577669E@oracle.com/T/#t > > Reported-by: Philip Rowlands <linux-nfs@dimebar.com> > Signed-off-by: Benjamin Coddington <bcodding@redhat.com> > --- > support/nsm/file.c | 10 +++++++--- > 1 file changed, 7 insertions(+), 3 deletions(-) > > diff --git a/support/nsm/file.c b/support/nsm/file.c > index f5b448015751..e0804136ccbe 100644 > --- a/support/nsm/file.c > +++ b/support/nsm/file.c > @@ -184,10 +184,10 @@ static char * > nsm_make_temp_pathname(const char *pathname) > { > size_t size; > - char *path; > + char *path, *base; > int len; > > - size = strlen(pathname) + sizeof(".new") + 2; > + size = strlen(pathname) + sizeof(".new") + 3; > if (size > PATH_MAX) > return NULL; > > @@ -195,7 +195,11 @@ nsm_make_temp_pathname(const char *pathname) > if (path == NULL) > return NULL; > > - len = snprintf(path, size, "%s.new", pathname); > + base = strrchr(pathname, '/'); > + strcpy(path, pathname); > + > + len = base - pathname; > + len += snprintf(path + len + 1, size-len, ".%s.new", base+1); > if (error_check(len, size)) { > free(path); > return NULL; > > base-commit: 38b46cb1f28737069d7887b5ccf7001ba4a4ff59 > -- > 2.47.0 > Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
On 11/13/24 11:11 AM, Benjamin Coddington wrote: > We've gotten a report of reboot notifications being sent to domains that > end in '.new', which can happen if the NSM temporary pathname code leaves a > file behind. Let's fix this up by prepending a single '.' to the temp path > which will never be resolvable as a DNS record. > > https://lore.kernel.org/linux-nfs/04D30B5A-C53E-4920-ADCB-C77F5577669E@oracle.com/T/#t > > Reported-by: Philip Rowlands <linux-nfs@dimebar.com> > Signed-off-by: Benjamin Coddington <bcodding@redhat.com> Committed... (tag: nfs-utils-2-8-2-rc2) steved. > --- > support/nsm/file.c | 10 +++++++--- > 1 file changed, 7 insertions(+), 3 deletions(-) > > diff --git a/support/nsm/file.c b/support/nsm/file.c > index f5b448015751..e0804136ccbe 100644 > --- a/support/nsm/file.c > +++ b/support/nsm/file.c > @@ -184,10 +184,10 @@ static char * > nsm_make_temp_pathname(const char *pathname) > { > size_t size; > - char *path; > + char *path, *base; > int len; > > - size = strlen(pathname) + sizeof(".new") + 2; > + size = strlen(pathname) + sizeof(".new") + 3; > if (size > PATH_MAX) > return NULL; > > @@ -195,7 +195,11 @@ nsm_make_temp_pathname(const char *pathname) > if (path == NULL) > return NULL; > > - len = snprintf(path, size, "%s.new", pathname); > + base = strrchr(pathname, '/'); > + strcpy(path, pathname); > + > + len = base - pathname; > + len += snprintf(path + len + 1, size-len, ".%s.new", base+1); > if (error_check(len, size)) { > free(path); > return NULL; > > base-commit: 38b46cb1f28737069d7887b5ccf7001ba4a4ff59
diff --git a/support/nsm/file.c b/support/nsm/file.c index f5b448015751..e0804136ccbe 100644 --- a/support/nsm/file.c +++ b/support/nsm/file.c @@ -184,10 +184,10 @@ static char * nsm_make_temp_pathname(const char *pathname) { size_t size; - char *path; + char *path, *base; int len; - size = strlen(pathname) + sizeof(".new") + 2; + size = strlen(pathname) + sizeof(".new") + 3; if (size > PATH_MAX) return NULL; @@ -195,7 +195,11 @@ nsm_make_temp_pathname(const char *pathname) if (path == NULL) return NULL; - len = snprintf(path, size, "%s.new", pathname); + base = strrchr(pathname, '/'); + strcpy(path, pathname); + + len = base - pathname; + len += snprintf(path + len + 1, size-len, ".%s.new", base+1); if (error_check(len, size)) { free(path); return NULL;
We've gotten a report of reboot notifications being sent to domains that end in '.new', which can happen if the NSM temporary pathname code leaves a file behind. Let's fix this up by prepending a single '.' to the temp path which will never be resolvable as a DNS record. https://lore.kernel.org/linux-nfs/04D30B5A-C53E-4920-ADCB-C77F5577669E@oracle.com/T/#t Reported-by: Philip Rowlands <linux-nfs@dimebar.com> Signed-off-by: Benjamin Coddington <bcodding@redhat.com> --- support/nsm/file.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) base-commit: 38b46cb1f28737069d7887b5ccf7001ba4a4ff59