This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <[email protected]>
---
hw/9pfs/9p-local.c | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 4377aa6524c2..dbc56b16979c 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -1452,15 +1452,14 @@ static int local_fsync(FsContext *ctx, int fid_type,
}
}
-static int local_statfs(FsContext *s, V9fsPath *fs_path, struct statfs *stbuf)
+static int local_statfs(FsContext *fs_ctx, V9fsPath *fs_path,
+ struct statfs *stbuf)
{
- char *buffer;
- int ret;
- char *path = fs_path->data;
+ int fd, ret;
- buffer = rpath(s, path);
- ret = statfs(buffer, stbuf);
- g_free(buffer);
+ fd = local_open_nofollow(fs_ctx, fs_path->data, O_RDONLY, 0);
+ ret = fstatfs(fd, stbuf);
+ close_preserve_errno(fd);
return ret;
}
