From: Paul Floyd <pjfloyd@wanadoo.fr>
Date: Sun, 31 Aug 2025 06:21:23 +0000 (+0200)
Subject: Bug 507866 - fanotify_mark dirfd isn't checked
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5f753c39ea6285fec27cc68cbaf6a629c5051f23;p=thirdparty%2Fvalgrind.git

Bug 507866 - fanotify_mark dirfd isn't checked
---

diff --git a/NEWS b/NEWS
index b1f4d8d11..d9ac8bdcb 100644
--- a/NEWS
+++ b/NEWS
@@ -76,6 +76,7 @@ are not entered into bugzilla tend to get forgotten about or ignored.
 507720  Review syscalls returning file descriptors (other platforms)
 507721  Wire up illumos and Solaris mallinfo
 507853  faccessat and faccessat2 should handle AT_FDCWD and absolute paths
+507866  fanotify_mark dirfd isn't checked
 507868  futimesat doesn't handle AT_FDCWD
 507869  Various at syscalls don't check dirfd argument
 507873  Make fchmodat and fchmodat2 syscall wrappers accept AT_FDCWD
diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c
index 785031c10..a511ccfe2 100644
--- a/coregrind/m_syswrap/syswrap-linux.c
+++ b/coregrind/m_syswrap/syswrap-linux.c
@@ -2862,11 +2862,12 @@ PRE(sys_fanotify_mark)
                  int, dfd, const char *, pathname);
    if (ARG5)
       PRE_MEM_RASCIIZ( "fanotify_mark(path)", ARG5);
-   if ( !ML_(fd_allowed)(SARG1, "fanotify_mark", tid, False) )
-      SET_STATUS_Failure( VKI_EBADF );
 #else
 #  error Unexpected word size
 #endif
+    if ( !ML_(fd_allowed)(SARG1, "fanotify_mark[fanotify_fd]", tid, False) )
+       SET_STATUS_Failure( VKI_EBADF );
+    ML_(fd_at_check_allowed)(SARG4, (const HChar*)ARG5, "mkdirat[firfd]", tid, status);
 }
 
 /* ---------------------------------------------------------------------