From: Christian Brauner <brauner@kernel.org>
Date: Thu, 12 Jun 2025 13:25:17 +0000 (+0200)
Subject: coredump: fix socket path validation
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=67c3a0b0ad1a78d7ee9c3aadaed22561f7f85466;p=thirdparty%2Fkernel%2Fstable.git

coredump: fix socket path validation

Make sure that we keep it extensible and well-formed.

Link: https://lore.kernel.org/20250612-work-coredump-massage-v1-3-315c0c34ba94@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
---

diff --git a/fs/coredump.c b/fs/coredump.c
index 42ceb9db2a5a9..70e37435eca95 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -1399,9 +1399,17 @@ static inline bool check_coredump_socket(void)
 	if (current->nsproxy->mnt_ns != init_task.nsproxy->mnt_ns)
 		return false;
 
-	/* Must be an absolute path or the socket request. */
-	if (*(core_pattern + 1) != '/' && *(core_pattern + 1) != '@')
+	/* Must be an absolute path... */
+	if (core_pattern[1] != '/') {
+		/* ... or the socket request protocol... */
+		if (core_pattern[1] != '@')
+			return false;
+		/* ... and if so must be an absolute path. */
+		if (core_pattern[2] != '/')
+			return false;
+		/* Anything else is unsupported. */
 		return false;
+	}
 
 	return true;
 }