projects
/
lttng-tools.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix: sessiond: TOCTOU error on save of session configuration
[lttng-tools.git]
/
src
/
bin
/
lttng-sessiond
/
save.c
diff --git
a/src/bin/lttng-sessiond/save.c
b/src/bin/lttng-sessiond/save.c
index ce9f2f9ff1772910ac5ce1a1b3b8023e566214c9..cdeb4004d6b4f99e8ef5c6b5a99f9d9f55dd2c7a 100644
(file)
--- a/
src/bin/lttng-sessiond/save.c
+++ b/
src/bin/lttng-sessiond/save.c
@@
-2284,13
+2284,13
@@
static
int save_session(struct ltt_session *session,
struct lttng_save_session_attr *attr, lttng_sock_cred *creds)
{
int save_session(struct ltt_session *session,
struct lttng_save_session_attr *attr, lttng_sock_cred *creds)
{
- int ret, fd;
- unsigned int file_opened = 0; /* Indicate if the file has been opened */
- char config_file_path[PATH_MAX];
+ int ret, fd = -1;
+ char config_file_path[LTTNG_PATH_MAX];
size_t len;
struct config_writer *writer = NULL;
size_t session_name_len;
const char *provided_path;
size_t len;
struct config_writer *writer = NULL;
size_t session_name_len;
const char *provided_path;
+ int file_open_flags = O_CREAT | O_WRONLY | O_TRUNC;
assert(session);
assert(attr);
assert(session);
assert(attr);
@@
-2314,7
+2314,7
@@
int save_session(struct ltt_session *session,
ret = LTTNG_ERR_SET_URL;
goto end;
}
ret = LTTNG_ERR_SET_URL;
goto end;
}
- strncpy(config_file_path, provided_path,
len
);
+ strncpy(config_file_path, provided_path,
sizeof(config_file_path)
);
} else {
ssize_t ret_len;
char *home_dir = utils_get_user_home_dir(
} else {
ssize_t ret_len;
char *home_dir = utils_get_user_home_dir(
@@
-2358,27
+2358,34
@@
int save_session(struct ltt_session *session,
* was done just above.
*/
config_file_path[len++] = '/';
* was done just above.
*/
config_file_path[len++] = '/';
- strncpy(config_file_path + len, session->name, s
ession_name_
len);
+ strncpy(config_file_path + len, session->name, s
izeof(config_file_path) -
len);
len += session_name_len;
strcpy(config_file_path + len, DEFAULT_SESSION_CONFIG_FILE_EXTENSION);
len += sizeof(DEFAULT_SESSION_CONFIG_FILE_EXTENSION);
config_file_path[len] = '\0';
len += session_name_len;
strcpy(config_file_path + len, DEFAULT_SESSION_CONFIG_FILE_EXTENSION);
len += sizeof(DEFAULT_SESSION_CONFIG_FILE_EXTENSION);
config_file_path[len] = '\0';
- if (!access(config_file_path, F_OK) && !attr->overwrite) {
- /* File exists, notify the user since the overwrite flag is off. */
- ret = LTTNG_ERR_SAVE_FILE_EXIST;
- goto end;
+ if (!attr->overwrite) {
+ file_open_flags |= O_EXCL;
}
}
- fd = run_as_open(config_file_path,
O_CREAT | O_WRONLY | O_TRUNC
,
+ fd = run_as_open(config_file_path,
file_open_flags
,
S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP,
LTTNG_SOCK_GET_UID_CRED(creds), LTTNG_SOCK_GET_GID_CRED(creds));
if (fd < 0) {
PERROR("Could not create configuration file");
S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP,
LTTNG_SOCK_GET_UID_CRED(creds), LTTNG_SOCK_GET_GID_CRED(creds));
if (fd < 0) {
PERROR("Could not create configuration file");
- ret = LTTNG_ERR_SAVE_IO_FAIL;
+ switch (errno) {
+ case EEXIST:
+ ret = LTTNG_ERR_SAVE_FILE_EXIST;
+ break;
+ case EACCES:
+ ret = LTTNG_ERR_EPERM;
+ break;
+ default:
+ ret = LTTNG_ERR_SAVE_IO_FAIL;
+ break;
+ }
goto end;
}
goto end;
}
- file_opened = 1;
writer = config_writer_create(fd, 1);
if (!writer) {
writer = config_writer_create(fd, 1);
if (!writer) {
@@
-2492,12
+2499,12
@@
end:
}
if (ret) {
/* Delete file in case of error */
}
if (ret) {
/* Delete file in case of error */
- if (
file_opened
&& unlink(config_file_path)) {
+ if (
(fd >= 0)
&& unlink(config_file_path)) {
PERROR("Unlinking XML session configuration.");
}
}
PERROR("Unlinking XML session configuration.");
}
}
- if (f
ile_opened
) {
+ if (f
d >= 0
) {
ret = close(fd);
if (ret) {
PERROR("Closing XML session configuration");
ret = close(fd);
if (ret) {
PERROR("Closing XML session configuration");
This page took
0.025022 seconds
and
4
git commands to generate.