summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorccardenas <ccardenas@cvs.openbsd.org>2018-01-04 15:19:57 +0000
committerccardenas <ccardenas@cvs.openbsd.org>2018-01-04 15:19:57 +0000
commit6ff1aa1883de94415f31b99519855055037485cb (patch)
tree537f938c8d3cd8d4ba54b221c6aed11291cf3098
parent752ec6c1bb8b8aa67408deb7a38cb82331610c57 (diff)
Address TOCTOU issue with checking to ensure disks are regular files.
Reported by jca@. Ok mlarkin@ and deraadt@
Diffstat
-rw-r--r--usr.sbin/vmd/config.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/usr.sbin/vmd/config.c b/usr.sbin/vmd/config.c
index 399279bd993..006fc7d2efb 100644
--- a/usr.sbin/vmd/config.c
+++ b/usr.sbin/vmd/config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: config.c,v 1.38 2018/01/03 05:39:56 ccardenas Exp $ */
+/* $OpenBSD: config.c,v 1.39 2018/01/04 15:19:56 ccardenas Exp $ */
/*
* Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org>
@@ -262,23 +262,23 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, uint32_t peerid, uid_t uid)
/* Open disk images for child */
for (i = 0 ; i < vcp->vcp_ndisks; i++) {
/* Stat disk[i] to ensure it is a regular file */
- if (stat(vcp->vcp_disks[i], &stat_buf) == -1) {
+ if ((diskfds[i] =
+ open(vcp->vcp_disks[i], O_RDWR)) == -1) {
log_warn("%s: can't open disk %s", __func__,
vcp->vcp_disks[i]);
errno = VMD_DISK_MISSING;
goto fail;
}
- if (S_ISREG(stat_buf.st_mode) == 0) {
- log_warn("%s: disk %s is not a regular file", __func__,
+ if (fstat(diskfds[i], &stat_buf) == -1) {
+ log_warn("%s: can't open disk %s", __func__,
vcp->vcp_disks[i]);
errno = VMD_DISK_INVALID;
goto fail;
}
- if ((diskfds[i] =
- open(vcp->vcp_disks[i], O_RDWR)) == -1) {
- log_warn("%s: can't open disk %s", __func__,
+ if (S_ISREG(stat_buf.st_mode) == 0) {
+ log_warn("%s: disk %s is not a regular file", __func__,
vcp->vcp_disks[i]);
- errno = VMD_DISK_MISSING;
+ errno = VMD_DISK_INVALID;
goto fail;
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-26 05:01:27 +0000