From 5de8d5ee8f0f3c8fec40d3d65711142b2999f384 Mon Sep 17 00:00:00 2001 From: ccardenas Date: Thu, 4 Jan 2018 15:19:56 +0000 Subject: [PATCH] Address TOCTOU issue with checking to ensure disks are regular files. Reported by jca@. Ok mlarkin@ and deraadt@ --- usr.sbin/vmd/config.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/usr.sbin/vmd/config.c b/usr.sbin/vmd/config.c index 399279bd993..006fc7d2efb 100644 --- a/usr.sbin/vmd/config.c +++ b/usr.sbin/vmd/config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: config.c,v 1.38 2018/01/03 05:39:56 ccardenas Exp $ */ +/* $OpenBSD: config.c,v 1.39 2018/01/04 15:19:56 ccardenas Exp $ */ /* * Copyright (c) 2015 Reyk Floeter @@ -262,23 +262,23 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, uint32_t peerid, uid_t uid) /* Open disk images for child */ for (i = 0 ; i < vcp->vcp_ndisks; i++) { /* Stat disk[i] to ensure it is a regular file */ - if (stat(vcp->vcp_disks[i], &stat_buf) == -1) { + if ((diskfds[i] = + open(vcp->vcp_disks[i], O_RDWR)) == -1) { log_warn("%s: can't open disk %s", __func__, vcp->vcp_disks[i]); errno = VMD_DISK_MISSING; goto fail; } - if (S_ISREG(stat_buf.st_mode) == 0) { - log_warn("%s: disk %s is not a regular file", __func__, + if (fstat(diskfds[i], &stat_buf) == -1) { + log_warn("%s: can't open disk %s", __func__, vcp->vcp_disks[i]); errno = VMD_DISK_INVALID; goto fail; } - if ((diskfds[i] = - open(vcp->vcp_disks[i], O_RDWR)) == -1) { - log_warn("%s: can't open disk %s", __func__, + if (S_ISREG(stat_buf.st_mode) == 0) { + log_warn("%s: disk %s is not a regular file", __func__, vcp->vcp_disks[i]); - errno = VMD_DISK_MISSING; + errno = VMD_DISK_INVALID; goto fail; } } -- 2.20.1