diff options
author | Paolo Bonzini <pbonzini@redhat.com> | 2015-11-27 12:43:05 +0100 |
---|---|---|
committer | Greg Kurz <gkurz@linux.vnet.ibm.com> | 2015-11-30 12:31:53 +0100 |
commit | 49f817caaf4460f4a8dfca190f31a57569fc9efe (patch) | |
tree | cffe0b89c1206068620cf290c08079117cce6963 | |
parent | 714487515dbe0c65d5904251e796cd3a5b3579fb (diff) | |
download | qemu-49f817caaf4460f4a8dfca190f31a57569fc9efe.zip qemu-49f817caaf4460f4a8dfca190f31a57569fc9efe.tar.gz qemu-49f817caaf4460f4a8dfca190f31a57569fc9efe.tar.bz2 |
fsdev-proxy-helper: avoid TOC/TOU race
There is a minor time of check/time of use race between statfs and chroot.
It can be fixed easily by stat-ing the root after it has been changed.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
-rw-r--r-- | fsdev/virtfs-proxy-helper.c | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c index 9097d15..ad1da0d 100644 --- a/fsdev/virtfs-proxy-helper.c +++ b/fsdev/virtfs-proxy-helper.c @@ -1128,10 +1128,19 @@ int main(int argc, char **argv) } } + if (chdir("/") < 0) { + do_perror("chdir"); + goto error; + } + if (chroot(rpath) < 0) { + do_perror("chroot"); + goto error; + } + get_version = false; #ifdef FS_IOC_GETVERSION /* check whether underlying FS support IOC_GETVERSION */ - retval = statfs(rpath, &st_fs); + retval = statfs("/", &st_fs); if (!retval) { switch (st_fs.f_type) { case EXT2_SUPER_MAGIC: @@ -1144,16 +1153,7 @@ int main(int argc, char **argv) } #endif - if (chdir("/") < 0) { - do_perror("chdir"); - goto error; - } - if (chroot(rpath) < 0) { - do_perror("chroot"); - goto error; - } umask(0); - if (init_capabilities() < 0) { goto error; } |