aboutsummaryrefslogtreecommitdiff
path: root/posix/tst-spawn.c
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2017-05-08 14:57:59 +0200
committerFlorian Weimer <fweimer@redhat.com>2017-05-08 16:20:40 +0200
commitc22553effb151532eb95fc1f7bb17a3aebe63202 (patch)
tree6064f0d1bf34b0ec8aaebd04cd1758c81f4666ce /posix/tst-spawn.c
parent706256afb6c844a0e6aaab2b60f4326b91aca2e9 (diff)
downloadglibc-c22553effb151532eb95fc1f7bb17a3aebe63202.tar
glibc-c22553effb151532eb95fc1f7bb17a3aebe63202.tar.gz
glibc-c22553effb151532eb95fc1f7bb17a3aebe63202.tar.bz2
glibc-c22553effb151532eb95fc1f7bb17a3aebe63202.zip
support: Prevent multiple deletion of temporary files
Otherwise, another user might recreate these files after the first deletion. Particularly with temporary directories, this could result in the removal of unintended files through symbol link attacks.
Diffstat (limited to 'posix/tst-spawn.c')
-rw-r--r--posix/tst-spawn.c74
1 files changed, 26 insertions, 48 deletions
diff --git a/posix/tst-spawn.c b/posix/tst-spawn.c
index 2f960ba223..08d92bd7a7 100644
--- a/posix/tst-spawn.c
+++ b/posix/tst-spawn.c
@@ -50,6 +50,11 @@ static char *name1;
static char *name2;
static char *name3;
+/* Descriptors for the temporary files. */
+static int temp_fd1 = -1;
+static int temp_fd2 = -1;
+static int temp_fd3 = -1;
+
/* The contents of our files. */
static const char fd1string[] = "This file should get closed";
static const char fd2string[] = "This file should stay opened";
@@ -60,23 +65,15 @@ static const char fd3string[] = "This file will be opened";
void
do_prepare (int argc, char *argv[])
{
- size_t name_len;
-
- name_len = strlen (test_dir);
- name1 = (char *) xmalloc (name_len + sizeof ("/spawnXXXXXX"));
- mempcpy (mempcpy (name1, test_dir, name_len),
- "/spawnXXXXXX", sizeof ("/spawnXXXXXX"));
- add_temp_file (name1);
-
- name2 = (char *) xmalloc (name_len + sizeof ("/spawnXXXXXX"));
- mempcpy (mempcpy (name2, test_dir, name_len),
- "/spawnXXXXXX", sizeof ("/spawnXXXXXX"));
- add_temp_file (name2);
-
- name3 = (char *) xmalloc (name_len + sizeof ("/spawnXXXXXX"));
- mempcpy (mempcpy (name3, test_dir, name_len),
- "/spawnXXXXXX", sizeof ("/spawnXXXXXX"));
- add_temp_file (name3);
+ /* We must not open any files in the restart case. */
+ if (restart)
+ return;
+
+ temp_fd1 = create_temp_file ("spawn", &name1);
+ temp_fd2 = create_temp_file ("spawn", &name2);
+ temp_fd3 = create_temp_file ("spawn", &name3);
+ if (temp_fd1 < 0 || temp_fd2 < 0 || temp_fd3 < 0)
+ exit (1);
}
@@ -158,9 +155,6 @@ int
do_test (int argc, char *argv[])
{
pid_t pid;
- int fd1;
- int fd2;
- int fd3;
int fd4;
int status;
posix_spawn_file_actions_t actions;
@@ -194,53 +188,42 @@ do_test (int argc, char *argv[])
/* Prepare the test. We are creating two files: one which file descriptor
will be marked with FD_CLOEXEC, another which is not. */
- /* Open our test files. */
- fd1 = mkstemp (name1);
- if (fd1 == -1)
- error (EXIT_FAILURE, errno, "cannot open test file `%s'", name1);
- fd2 = mkstemp (name2);
- if (fd2 == -1)
- error (EXIT_FAILURE, errno, "cannot open test file `%s'", name2);
- fd3 = mkstemp (name3);
- if (fd3 == -1)
- error (EXIT_FAILURE, errno, "cannot open test file `%s'", name3);
-
/* Write something in the files. */
- if (write (fd1, fd1string, strlen (fd1string)) != strlen (fd1string))
+ if (write (temp_fd1, fd1string, strlen (fd1string)) != strlen (fd1string))
error (EXIT_FAILURE, errno, "cannot write to first file");
- if (write (fd2, fd2string, strlen (fd2string)) != strlen (fd2string))
+ if (write (temp_fd2, fd2string, strlen (fd2string)) != strlen (fd2string))
error (EXIT_FAILURE, errno, "cannot write to second file");
- if (write (fd3, fd3string, strlen (fd3string)) != strlen (fd3string))
+ if (write (temp_fd3, fd3string, strlen (fd3string)) != strlen (fd3string))
error (EXIT_FAILURE, errno, "cannot write to third file");
/* Close the third file. It'll be opened by `spawn'. */
- close (fd3);
+ close (temp_fd3);
/* Tell `spawn' what to do. */
if (posix_spawn_file_actions_init (&actions) != 0)
error (EXIT_FAILURE, errno, "posix_spawn_file_actions_init");
- /* Close `fd1'. */
- if (posix_spawn_file_actions_addclose (&actions, fd1) != 0)
+ /* Close `temp_fd1'. */
+ if (posix_spawn_file_actions_addclose (&actions, temp_fd1) != 0)
error (EXIT_FAILURE, errno, "posix_spawn_file_actions_addclose");
/* We want to open the third file. */
name3_copy = strdup (name3);
if (name3_copy == NULL)
error (EXIT_FAILURE, errno, "strdup");
- if (posix_spawn_file_actions_addopen (&actions, fd3, name3_copy,
+ if (posix_spawn_file_actions_addopen (&actions, temp_fd3, name3_copy,
O_RDONLY, 0666) != 0)
error (EXIT_FAILURE, errno, "posix_spawn_file_actions_addopen");
/* Overwrite the name to check that a copy has been made. */
memset (name3_copy, 'X', strlen (name3_copy));
/* We dup the second descriptor. */
- fd4 = MAX (2, MAX (fd1, MAX (fd2, fd3))) + 1;
- if (posix_spawn_file_actions_adddup2 (&actions, fd2, fd4) != 0)
+ fd4 = MAX (2, MAX (temp_fd1, MAX (temp_fd2, temp_fd3))) + 1;
+ if (posix_spawn_file_actions_adddup2 (&actions, temp_fd2, fd4) != 0)
error (EXIT_FAILURE, errno, "posix_spawn_file_actions_adddup2");
/* Now spawn the process. */
- snprintf (fd1name, sizeof fd1name, "%d", fd1);
- snprintf (fd2name, sizeof fd2name, "%d", fd2);
- snprintf (fd3name, sizeof fd3name, "%d", fd3);
+ snprintf (fd1name, sizeof fd1name, "%d", temp_fd1);
+ snprintf (fd2name, sizeof fd2name, "%d", temp_fd2);
+ snprintf (fd3name, sizeof fd3name, "%d", temp_fd3);
snprintf (fd4name, sizeof fd4name, "%d", fd4);
for (i = 0; i < (argc == (restart ? 6 : 5) ? 4 : 1); i++)
@@ -274,10 +257,5 @@ do_test (int argc, char *argv[])
error (EXIT_FAILURE, 0, "Child terminated incorrectly");
status = WEXITSTATUS (status);
- /* Remove the test files. */
- unlink (name1);
- unlink (name2);
- unlink (name3);
-
return status;
}