From c05c5a7ff43388994a85ce84121cdcfa6ee741ba Mon Sep 17 00:00:00 2001 From: Ben Wiederhake Date: Sat, 30 Oct 2021 00:45:23 +0200 Subject: Kernel: Clarify ambiguous {File,Description}::absolute_path Found due to smelly code in InodeFile::absolute_path. In particular, this replaces the following misleading methods: File::absolute_path This method *never* returns an actual path, and if called on an InodeFile (which is impossible), it would VERIFY_NOT_REACHED(). OpenFileDescription::try_serialize_absolute_path OpenFileDescription::absolute_path These methods do not guarantee to return an actual path (just like the other method), and just like Custody::absolute_path they do not guarantee accuracy. In particular, just renaming the method made a TOCTOU bug obvious. The new method signatures use KResultOr, just like try_serialize_absolute_path() already did. --- Kernel/Net/LocalSocket.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Kernel/Net/LocalSocket.h') diff --git a/Kernel/Net/LocalSocket.h b/Kernel/Net/LocalSocket.h index 49279ee6e8..97705f1018 100644 --- a/Kernel/Net/LocalSocket.h +++ b/Kernel/Net/LocalSocket.h @@ -32,7 +32,7 @@ public: static void for_each(Function); StringView socket_path() const; - String absolute_path(const OpenFileDescription& description) const override; + KResultOr> pseudo_path(const OpenFileDescription& description) const override; // ^Socket virtual KResult bind(Userspace, socklen_t) override; -- cgit v1.2.3