bug-binutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewh

From: nickc at redhat dot com
Subject: [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere
Date: Mon, 30 Nov 2020 10:21:52 +0000 
https://sourceware.org/bugzilla/show_bug.cgi?id=26945

Nick Clifton <nickc at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #13003|0                           |1
        is obsolete|                            |

--- Comment #5 from Nick Clifton <nickc at redhat dot com> ---
Created attachment 13004
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13004&action=edit
Proposed patch

Hi Rich,

> 1. make_tempname with fd_return==NULL is *always* a bug,

Well, I would argue that it is only a bug if the temporary file is going to
be manipulated by other system functions.  But it is also true that if a
caller does not want the file descriptor they can always close/discard it.

So I am attaching an updated patch which adds ATTRIBUTE_NONNULL to both of
the parameters to make_tempname().  That way the compiler will ensure that
any caller always receives the file descriptor.

> 2. smart_rename needs(*) *two* fds, not just one

Actually it does this.  It is just that only one fd is passed in (the open
temporary file).  The function itself opens the destination file before it
attempts to perform any other operations on it.

Cheers
  Nick

-- 
You are receiving this mail because:
You are on the CC list for the bug.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]