On 12/21/23 09:09, Cédric Le Goater wrote:
Using stat() before opening a file or a directory can lead to a
time-of-check to time-of-use (TOCTOU) filesystem race, which is
reported by coverity as a Security best practices violations. The
sequence could be replaced by open and fdopendir but it
>-Original Message-
>From: Cédric Le Goater
>Sent: Thursday, December 21, 2023 5:16 PM
>Subject: Re: [PATCH] vfio/iommufd: Remove the use of stat() to check file
>existence
>
>Hello Zhenzhong
>
>On 12/21/23 09:55, Duan, Zhenzhong wrote:
>>
>>
>>> -Original Message-
>>> From:
Hello Zhenzhong
On 12/21/23 09:55, Duan, Zhenzhong wrote:
-Original Message-
From: Cédric Le Goater
Sent: Thursday, December 21, 2023 4:10 PM
Subject: [PATCH] vfio/iommufd: Remove the use of stat() to check file
existence
Using stat() before opening a file or a directory can lead
>-Original Message-
>From: Cédric Le Goater
>Sent: Thursday, December 21, 2023 4:10 PM
>Subject: [PATCH] vfio/iommufd: Remove the use of stat() to check file
>existence
>
>Using stat() before opening a file or a directory can lead to a
>time-of-check to time-of-use (TOCTOU) filesystem
Using stat() before opening a file or a directory can lead to a
time-of-check to time-of-use (TOCTOU) filesystem race, which is
reported by coverity as a Security best practices violations. The
sequence could be replaced by open and fdopendir but it doesn't add
much in this case. Simply use
