14 Mar
2025
14 Mar
'25
12:38 p.m.
Jinoh Kang (@iamahuman) commented about server/fd.c:
free( dirname );if (res)return;- }
- srcname = strrchr( src, '/' ) + 1;
- if (!(dirname = memdup( src, srcname - src )))
return;- dirname[srcname - src - 1] = '\0';
- if ((dirfd = open( dirname, O_RDONLY | O_NONBLOCK )) == -1)
file_set_error();- free( dirname );
- if (dirfd == -1)
return;- if (!is_dir)
Even if `is_dir == 1`, we still need to check the parent directories since, even if directories cannot be hardlinked, they can still be bind-mounted.
For example, if `/var/lib/foo/dir1` is bind-mounted to `/home/user/dir1`, renaming the former to the latter would succeed without doing anything even if `/var/lib/foo` and `/home/user` are completely different directories.
Such renaming should fail, but we're skipping the stat check entirely so the code will simply assume the same dentry (when it's not) and let it pass.