
`quotactl` should be unsafe

Open djkoloski opened this issue 2 years ago • 2 comments

The final argument to quotactl must conform to a strict specification depending on the command being run. quotactl does not perform any validation of the pointer argument passed to it, and so it should be unsafe to call. The caller must guarantee that the addr pointer follows the specification for quotactl.

~~Because many functions in src/sys/quota.rs call quotactl, they also need to be checked for soundness. A quick glance indicates that quotactl_on is incorrect because it passes an &P: NixPath in where it should be passing a C string (for example, using with_nix_path).~~ Edit: I was mistaken on this second point.

djkoloski avatar Jan 25 '23 18:01 djkoloski
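The soundness point in the issue, shown as an added Rust example that is not nix's code: the raw binding stays `unsafe` because it cannot check that `addr` matches `cmd`, and safe wrappers pin each command to the one buffer type it is specified for. `quotactl_raw` here is a hypothetical stand-in that keeps a single in-memory record instead of calling the kernel; the command values and the `dqblk` field layout are Linux's.

```rust
use std::ffi::c_void;
use std::ptr;
use std::sync::Mutex;

// Linux quotactl subcommands (values from <linux/quota.h>).
pub const Q_GETQUOTA: i32 = 0x800007;
pub const Q_SETQUOTA: i32 = 0x800008;

// Field layout of the kernel's `struct dqblk`, the buffer Q_GETQUOTA and
// Q_SETQUOTA expect `addr` to point at.
#[repr(C)]
#[derive(Clone, Copy, Debug, Default, PartialEq)]
pub struct Dqblk {
    pub bhardlimit: u64, pub bsoftlimit: u64, pub curspace: u64,
    pub ihardlimit: u64, pub isoftlimit: u64, pub curinodes: u64,
    pub btime: u64, pub itime: u64, pub valid: u32,
}

// Stand-in for the kernel side (hypothetical, constructed for this example):
// one stored record instead of a real quota-enabled filesystem.
static STORED: Mutex<Option<Dqblk>> = Mutex::new(None);

// Raw binding. It is `unsafe` for exactly the reason the issue gives: nothing
// here can check that `addr` points at the type `cmd` requires, so it reads
// or writes through the pointer on the caller's word alone.
pub unsafe fn quotactl_raw(cmd: i32, _special: *const u8, _id: i32, addr: *mut c_void) -> i32 {
    let mut store = STORED.lock().unwrap();
    match cmd {
        Q_SETQUOTA => { *store = Some(unsafe { *(addr as *const Dqblk) }); 0 }
        Q_GETQUOTA => match *store {
            Some(d) => { unsafe { *(addr as *mut Dqblk) = d }; 0 }
            None => -1,
        },
        _ => -1,
    }
}

// Safe wrappers: each pins `cmd` to the one `addr` type it is specified for,
// so the invariant is upheld in one place rather than by every caller.
pub fn set_quota(id: i32, q: &Dqblk) -> Result<(), i32> {
    let rc = unsafe { quotactl_raw(Q_SETQUOTA, ptr::null(), id, q as *const Dqblk as *mut c_void) };
    if rc == 0 { Ok(()) } else { Err(rc) }
}

pub fn get_quota(id: i32) -> Result<Dqblk, i32> {
    let mut q = Dqblk::default();
    let rc = unsafe { quotactl_raw(Q_GETQUOTA, ptr::null(), id, &mut q as *mut Dqblk as *mut c_void) };
    if rc == 0 { Ok(q) } else { Err(rc) }
}
```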

Right on the first point, but quotactl_on is using with_nix_path. Could you look again?

asomers avatar Feb 13 '23 23:02 asomers

Ah yep, my bad. I think I mixed up p and thought it was an &P. Sorry for the confusion!

djkoloski avatar Feb 13 '23 23:02 djkoloski