#541 get_uid_from_pid() should use fstat() rather than lstat()
Closed: Fixed None Opened 13 years ago by sgallagh.

From Coverity:

Calling function "lstat" to perform check on "path".
   77    ret = lstat(path, &stat_buf);
At conditional (1): "ret == -1" taking the false branch.
   78    if (ret == -1) {
   79        if (errno == ENOENT) {
   80            DEBUG(7, ("Proc file [%s] is not available anymore, continuing.\n",
   81                      path));
   82            return EOK;
   83        }
   84        DEBUG(1, ("lstat failed [%d][%s].\n", errno, strerror(errno)));
   85        return errno;
   86    }
   87
At conditional (2): "!((stat_buf.st_mode & 0xf000U) == 0x8000U)" taking the false branch.
   88    if (!S_ISREG(stat_buf.st_mode)) {
   89        DEBUG(1, ("not a regular file\n"));
   90        return EINVAL;
   91    }
   92
Calling function "open" that uses "path" after a check function. This can cause a time-of-check, time-of-use race condition.
   93    fd = open(path, O_RDONLY);

It's possible (though incredibly unlikely) that the process with that pid will exit and a new process with the same pid will appear between the check and the open.
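The open-then-check order that the ticket title asks for, as an added example (not SSSD's code and not the contents of the fix commit): the hypothetical helper `open_regular_checked` opens the path first and then runs `fstat()` on the descriptor it holds. `O_NOFOLLOW`, `O_NONBLOCK` and `O_CLOEXEC` are assumptions added here, to keep `lstat()`'s refusal to follow a symlink and to avoid blocking when the path is a FIFO.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not SSSD code): open `path` first, then validate the
 * object the descriptor refers to. Returns 0 and fills *fd_out / *owner_out
 * on success, or an errno value on failure. */
int open_regular_checked(const char *path, int *fd_out, uid_t *owner_out)
{
    struct stat st;
    int err;
    /* O_NOFOLLOW: a final symlink fails with ELOOP instead of being followed.
     * O_NONBLOCK: open() cannot hang if the path turns out to be a FIFO. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd == -1) {
        return errno;   /* e.g. ENOENT when the /proc entry is already gone */
    }
    /* fstat() describes the file we already hold open, so nothing can be
     * swapped in between this check and the reads that follow. */
    if (fstat(fd, &st) == -1) {
        err = errno;
        close(fd);
        return err;
    }
    if (!S_ISREG(st.st_mode)) {
        close(fd);
        return EINVAL;
    }
    *fd_out = fd;
    *owner_out = st.st_uid;
    return 0;
}

int main(void)
{
    int fd;
    uid_t owner;
    int ret = open_regular_checked("/proc/self/status", &fd, &owner);
    if (ret != 0) {
        fprintf(stderr, "check failed: errno %d\n", ret);
        return EXIT_FAILURE;
    }
    printf("regular file, owner uid %u\n", (unsigned)owner);
    close(fd);
    return EXIT_SUCCESS;
}
```

The caller reads from the returned descriptor and never reopens the path, which is what closes the window Coverity flagged.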


Fields changed

status: new => assigned

Fixed by c4dcc84

fixedin: => 1.2.1
resolution: => fixed
status: assigned => closed

Fields changed

rhbz: => 0

Metadata Update from @sgallagh:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.2.1

7 years ago

SSSD is moving from Pagure to GitHub. This means that new issues and pull requests
will be accepted only in SSSD's GitHub repository.

This issue has been cloned to GitHub and is available here:
- https://github.com/SSSD/sssd/issues/1583

If you want to receive further updates on the issue, please navigate to the GitHub issue
and click on the subscribe button.

Thank you for understanding. We apologize for all inconvenience.
