Re: git: a718431c30a5 - main - lookup(): ensure that openat("/", "..", O_RESOLVE_BENEATH) fails

In reply to: Cy Schubert : "Re: git: a718431c30a5 - main - lookup(): ensure that openat("/", "..", O_RESOLVE_BENEATH) fails"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Konstantin Belousov <kostikbel_at_gmail.com>
Date: Mon, 24 Apr 2023 23:19:04 UTC

On Mon, Apr 24, 2023 at 04:18:00PM -0700, Cy Schubert wrote:
> In message <202304242132.33OLWTCn060852@gitrepo.freebsd.org>, Konstantin 
> Belous
> ov writes:
> > The branch main has been updated by kib:
> >
> > URL: https://cgit.FreeBSD.org/src/commit/?id=a718431c30a57226bc7c1a9181fc84ba
> > b00641a1
> >
> > commit a718431c30a57226bc7c1a9181fc84bab00641a1
> > Author:     Konstantin Belousov <kib@FreeBSD.org>
> > AuthorDate: 2023-04-23 23:21:42 +0000
> > Commit:     Konstantin Belousov <kib@FreeBSD.org>
> > CommitDate: 2023-04-24 21:32:10 +0000
> >
> >     lookup(): ensure that openat("/", "..", O_RESOLVE_BENEATH) fails
> >     
> >     PR:     269780
> >     Reported by:    Dan Gohman <dev@sunfishcode.online>
> >     Reviewed by:    emaste, markj
> >     Sponsored by:   The FreeBSD Foundation
> >     MFC after:      1 week
> >     Differential revision:  https://reviews.freebsd.org/D39773
> 
> Should this also require a CVE number?
I do not see why.