From 6a62446bab937cfc3f6628b7b334d0b04724e367 Mon Sep 17 00:00:00 2001
From: Jonas 'Sortie' Termansen <sortie@maxsi.org>
Date: Wed, 29 May 2013 23:01:46 +0200
Subject: [PATCH] Prevent escaping the root filesystem.

---
 sortix/vnode.cpp | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/sortix/vnode.cpp b/sortix/vnode.cpp
index 20e3a8f5..e635e5d7 100644
--- a/sortix/vnode.cpp
+++ b/sortix/vnode.cpp
@@ -25,6 +25,7 @@
 #include <sortix/kernel/platform.h>
 #include <sortix/kernel/refcount.h>
 #include <sortix/kernel/ioctx.h>
+#include <sortix/kernel/descriptor.h>
 #include <sortix/kernel/inode.h>
 #include <sortix/kernel/vnode.h>
 #include <sortix/kernel/mtable.h>
@@ -68,9 +69,18 @@ Vnode::~Vnode()
 
 Ref<Vnode> Vnode::open(ioctx_t* ctx, const char* filename, int flags, mode_t mode)
 {
+	bool dotdot = strcmp(filename, "..") == 0;
+
+	// Prevent escaping the root filesystem.
+	if ( dotdot )
+	{
+		Ref<Descriptor> root = CurrentProcess()->GetRoot();
+		if ( root->ino == ino && root->dev == dev )
+			return Ref<Vnode>(this);
+	}
+
 	// Handle transition across filesystem mount points.
 	bool isroot = inode->ino == rootino && inode->dev == rootdev;
-	bool dotdot = strcmp(filename, "..") == 0;
 	if ( isroot && dotdot && mountedat )
 		return mountedat;