diff options
author | Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com> | 2021-04-27 14:57:50 +0300 |
---|---|---|
committer | Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com> | 2021-04-27 15:22:17 +0300 |
commit | 080a77fea45ae0da4639ddef22be91f853929d99 (patch) | |
tree | 05bf1fddf4459ed130907f242d5efc1fa72b0d7c /tmpfiles.d | |
parent | 7cc83164ffd69b4da0143f7e531f919b9006f944 (diff) | |
download | virtual-media-080a77fea45ae0da4639ddef22be91f853929d99.tar.xz |
Escape cifs credentials to prevent injection
Mount function consumes mount parameters as coma delimited options. In
order to make it resistant to classic parameter injection each comma in
username or password parameter that user provides is escaped by second
comma character. This fix appiles such escaping for samba credentials.
Tested:
Tested by inserting media with password=smbpass,ver=1.0. Kernel does
not mount share, showing error appropriate to incorrect credentials:
intel-obmc kernel: CIFS: Status code returned 0xc000006d \
STATUS_LOGON_FAILURE
Change-Id: I3acb24a4b24e798e54e095c69e9c6ec3151e03d1
Signed-off-by: Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com>
Diffstat (limited to 'tmpfiles.d')
0 files changed, 0 insertions, 0 deletions