Howdy.
Attached is a patch to address a TOCTOU issue with checking to
ensure disks are regular files, reported by jca@ .
Comments? Ok?
+--+
Carlos
Index: config.c
===================================================================
RCS file: /home/los/cvs/src/usr.sbin/vmd/config.c,v
retrieving revision 1.38
diff -u -p -a -u -r1.38 config.c
--- config.c 3 Jan 2018 05:39:56 -0000 1.38
+++ config.c 4 Jan 2018 03:55:47 -0000
@@ -262,23 +262,23 @@ config_setvm(struct privsep *ps, struct
/* Open disk images for child */
for (i = 0 ; i < vcp->vcp_ndisks; i++) {
/* Stat disk[i] to ensure it is a regular file */
- if (stat(vcp->vcp_disks[i], &stat_buf) == -1) {
+ if ((diskfds[i] =
+ open(vcp->vcp_disks[i], O_RDWR)) == -1) {
log_warn("%s: can't open disk %s", __func__,
vcp->vcp_disks[i]);
errno = VMD_DISK_MISSING;
goto fail;
}
- if (S_ISREG(stat_buf.st_mode) == 0) {
- log_warn("%s: disk %s is not a regular file", __func__,
+ if (fstat(diskfds[i], &stat_buf) == -1) {
+ log_warn("%s: can't open disk %s", __func__,
vcp->vcp_disks[i]);
- errno = VMD_DISK_INVALID;
+ errno = VMD_DISK_MISSING;
goto fail;
}
- if ((diskfds[i] =
- open(vcp->vcp_disks[i], O_RDWR)) == -1) {
- log_warn("%s: can't open disk %s", __func__,
+ if (S_ISREG(stat_buf.st_mode) == 0) {
+ log_warn("%s: disk %s is not a regular file", __func__,
vcp->vcp_disks[i]);
- errno = VMD_DISK_MISSING;
+ errno = VMD_DISK_INVALID;
goto fail;
}
}
