Bug #721

closed

Exclusion of '/../' should occur earlier during trace creation

Added by Daniel U. Thibault about 11 years ago. Updated about 11 years ago.

Status: Resolved
Priority: High
Assignee: -
Target version:
Start date: 01/17/2014
Due date:
% Done: 100%
Estimated time:

Description

Consider this:

$ lttng create stupid/../stupider
Session stupid/../stupider created.
Traces will be written in /home/daniel/lttng-traces/stupid/../stupider-20140117-140634
$ lttng enable-event -u -a
All UST events are enabled in channel channel0
$ lttng start
Tracing started for session stupid/../stupider
Error: Using '/../' is not permitted in the trace path (/home/daniel/lttng-traces/stupid/..)
Error: Trace directory creation error

Or this:

$ lttng create stupid/../stupider -U net://131.132.32.77
Session stupid/../stupider created.
Traces will be written in net://131.132.32.77
$ lttng enable-event -u -a
All UST events are enabled in channel channel0
$ lttng start
Tracing started for session stupid/../stupider
Error: Relayd add stream replied error 11
Error: Using '/../' is not permitted in the trace path (/home/daniel/lttng-traces/stupid/..)
Error: Trace directory creation error

Clearly in both cases the session name should have been vetted by the trace path validator as soon as lttng create was issued. Note also how, in the second example, the error message makes no sense (it refers to a local path that was not going to be used).

Added by David Goulet about 11 years ago

Revision 1c1c3634 (diff)

Fix: forbid session name creation if contains /

This adds a validation function for session name which for now denies
any session name containing '/'.

This is in response of bug #721 that actually uses a path as a session
name such as "test/../session1" which would then be concatenated to the
session path adding a relative path to it making this a serious security
issue.

Because of this issue, this is backported from master up to stable-2.3.

Fixes #721

Signed-off-by: David Goulet <>

Added by David Goulet about 11 years ago

Revision 0841762c (diff)

Fix: forbid session name creation if contains /

This adds a validation function for session name which for now denies
any session name containing '/'.

This is in response of bug #721 that actually uses a path as a session
name such as "test/../session1" which would then be concatenated to the
session path adding a relative path to it making this a serious security
issue.

Because of this issue, this is backported from master up to stable-2.3.

Fixes #721

Signed-off-by: David Goulet <>

Added by David Goulet about 11 years ago

Revision beb7c148 (diff)

Fix: forbid session name creation if contains /

This adds a validation function for session name which for now denies
any session name containing '/'.

This is in response of bug #721 that actually uses a path as a session
name such as "test/../session1" which would then be concatenated to the
session path adding a relative path to it making this a serious security
issue.

Because of this issue, this is backported from master up to stable-2.3.

Fixes #721

Signed-off-by: David Goulet <>
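
The check the commit messages describe, sketched as an added example (this is not the lttng-tools code): the session name is validated when the session is created, before it is ever joined to the trace directory, so a name like the ones in the report fails at `lttng create` rather than at `lttng start`. The function names, the base directory and the extra rejection of "." and ".." are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not the lttng-tools function): accept a session
 * name only if it is non-empty and contains no '/'. With no '/' allowed,
 * the name is a single path component and cannot carry "/../". */
static int session_name_is_valid(const char *name)
{
	if (name == NULL || name[0] == '\0') {
		return 0;
	}
	/* "." and ".." alone still refer to directories; rejecting them is an
	 * assumption added here, beyond what the commit message states. */
	if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0) {
		return 0;
	}
	return strchr(name, '/') == NULL;
}

/* Build "<base>/<name>" at session creation time. Returns 0 on success,
 * -1 if the name is rejected or the result would not fit in out. */
static int create_session_path(const char *base, const char *name,
		char *out, size_t out_size)
{
	int n;

	if (!session_name_is_valid(name)) {
		return -1;	/* fail at "create", not later at "start" */
	}
	n = snprintf(out, out_size, "%s/%s", base, name);
	if (n < 0 || (size_t) n >= out_size) {
		return -1;	/* truncated path: treat as an error */
	}
	return 0;
}

int main(void)
{
	/* Constructed sample inputs; the base directory is a placeholder. */
	const char *names[] = { "stupider", "stupid/../stupider", "test/../session1", ".." };
	char path[256];
	size_t i;

	for (i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
		int ret = create_session_path("/tmp/lttng-traces", names[i], path, sizeof(path));
		printf("%-22s -> %s\n", names[i], ret == 0 ? path : "rejected");
	}
	return 0;
}
```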
