4170ae4ea600fea6ac9daa8b145960c9de3915fc was intended to tackle TOCTOU
race conditions reported by CodeQL, but as an oversight, a file
descriptor was not closed and some comments were not updated.
Interestingly, CodeQL did not complain about the file descriptor leak,
so there is room for improvement in how we configure it to try to detect
this issue so that we get early warning about this.
In addition, an optimization opportunity was missed by mistake in
lib/libshare/os/linux/smb.c, which prevented us from truly closing the
TOCTOU race. This was also caught by Coverity.
Reported-by: Coverity (CID 1524424)
Reported-by: Coverity (CID 1526804)
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #14109
goto out;
}
- if (stat(file_path, &eStat) == -1) {
+ if (fstat(fd, &eStat) == -1) {
close(fd);
rc = SA_SYSTEM_ERR;
goto out;
/*
* DESCRIPTION:
- * Verify stat(2) for O_TMPFILE file considers umask.
+ * Verify fstat(2) for O_TMPFILE file considers umask.
*
* STRATEGY:
* 1. open(2) with O_TMPFILE.
* 2. linkat(2).
- * 3. fstat(2)/stat(2) and verify .st_mode value.
+ * 3. fstat(2) and verify .st_mode value.
*/
static void
mode = fst.st_mode & 0777;
if (mode != masked)
errx(8, "fstat(2) %o != %o\n", mode, masked);
+ close(fd);
}
int
projects / mirror_zfs.git / commitdiff