|
|
a60cd7 |
From 80408e9e24a1c10f85fd969e1853e0f192157f92 Mon Sep 17 00:00:00 2001
|
|
|
a60cd7 |
From: Jakub Filak <jfilak@redhat.com>
|
|
|
a60cd7 |
Date: Wed, 15 Apr 2015 12:14:22 +0200
|
|
|
a60cd7 |
Subject: [ABRT PATCH] ccpp: fix symlink race conditions
|
|
|
a60cd7 |
|
|
|
a60cd7 |
Fix copy & chown race conditions
|
|
|
a60cd7 |
|
|
|
a60cd7 |
Related: #1211835
|
|
|
a60cd7 |
|
|
|
a60cd7 |
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
|
|
a60cd7 |
---
|
|
|
a60cd7 |
src/hooks/abrt-hook-ccpp.c | 27 ++++++++++++++++-----------
|
|
|
a60cd7 |
1 file changed, 16 insertions(+), 11 deletions(-)
|
|
|
a60cd7 |
|
|
|
a60cd7 |
diff --git a/src/hooks/abrt-hook-ccpp.c b/src/hooks/abrt-hook-ccpp.c
|
|
|
a60cd7 |
index 8e141d4..be16fab 100644
|
|
|
a60cd7 |
--- a/src/hooks/abrt-hook-ccpp.c
|
|
|
a60cd7 |
+++ b/src/hooks/abrt-hook-ccpp.c
|
|
|
a60cd7 |
@@ -397,7 +397,7 @@ static int open_user_core(uid_t uid, uid_t fsuid, pid_t pid, char **percent_valu
|
|
|
a60cd7 |
return user_core_fd;
|
|
|
a60cd7 |
}
|
|
|
a60cd7 |
|
|
|
a60cd7 |
-static bool dump_fd_info(const char *dest_filename, char *source_filename, int source_base_ofs)
|
|
|
a60cd7 |
+static bool dump_fd_info(const char *dest_filename, char *source_filename, int source_base_ofs, uid_t uid, gid_t gid)
|
|
|
a60cd7 |
{
|
|
|
a60cd7 |
FILE *fp = fopen(dest_filename, "w");
|
|
|
a60cd7 |
if (!fp)
|
|
|
a60cd7 |
@@ -429,6 +429,16 @@ static bool dump_fd_info(const char *dest_filename, char *source_filename, int s
|
|
|
a60cd7 |
}
|
|
|
a60cd7 |
fclose(in);
|
|
|
a60cd7 |
}
|
|
|
a60cd7 |
+
|
|
|
a60cd7 |
+ const int dest_fd = fileno(fp);
|
|
|
a60cd7 |
+ if (fchown(dest_fd, uid, gid) < 0)
|
|
|
a60cd7 |
+ {
|
|
|
a60cd7 |
+ perror_msg("Can't change '%s' ownership to %lu:%lu", dest_filename, (long)uid, (long)gid);
|
|
|
a60cd7 |
+ fclose(fp);
|
|
|
a60cd7 |
+ unlink(dest_filename);
|
|
|
a60cd7 |
+ return false;
|
|
|
a60cd7 |
+ }
|
|
|
a60cd7 |
+
|
|
|
a60cd7 |
fclose(fp);
|
|
|
a60cd7 |
return true;
|
|
|
a60cd7 |
}
|
|
|
a60cd7 |
@@ -678,27 +688,22 @@ int main(int argc, char** argv)
|
|
|
a60cd7 |
|
|
|
a60cd7 |
// Disabled for now: /proc/PID/smaps tends to be BIG,
|
|
|
a60cd7 |
// and not much more informative than /proc/PID/maps:
|
|
|
a60cd7 |
- //copy_file(source_filename, dest_filename, 0640);
|
|
|
a60cd7 |
- //chown(dest_filename, dd->dd_uid, dd->dd_gid);
|
|
|
a60cd7 |
+ //copy_file_ext(source_filename, dest_filename, 0640, dd->dd_uid, dd->dd_gid, O_RDONLY, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL);
|
|
|
a60cd7 |
|
|
|
a60cd7 |
strcpy(source_filename + source_base_ofs, "maps");
|
|
|
a60cd7 |
strcpy(dest_base, FILENAME_MAPS);
|
|
|
a60cd7 |
- copy_file(source_filename, dest_filename, DEFAULT_DUMP_DIR_MODE);
|
|
|
a60cd7 |
- IGNORE_RESULT(chown(dest_filename, dd->dd_uid, dd->dd_gid));
|
|
|
a60cd7 |
+ copy_file_ext(source_filename, dest_filename, 0640, dd->dd_uid, dd->dd_gid, O_RDONLY, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL);
|
|
|
a60cd7 |
|
|
|
a60cd7 |
strcpy(source_filename + source_base_ofs, "limits");
|
|
|
a60cd7 |
strcpy(dest_base, FILENAME_LIMITS);
|
|
|
a60cd7 |
- copy_file(source_filename, dest_filename, DEFAULT_DUMP_DIR_MODE);
|
|
|
a60cd7 |
- IGNORE_RESULT(chown(dest_filename, dd->dd_uid, dd->dd_gid));
|
|
|
a60cd7 |
+ copy_file_ext(source_filename, dest_filename, 0640, dd->dd_uid, dd->dd_gid, O_RDONLY, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL);
|
|
|
a60cd7 |
|
|
|
a60cd7 |
strcpy(source_filename + source_base_ofs, "cgroup");
|
|
|
a60cd7 |
strcpy(dest_base, FILENAME_CGROUP);
|
|
|
a60cd7 |
- copy_file(source_filename, dest_filename, DEFAULT_DUMP_DIR_MODE);
|
|
|
a60cd7 |
- IGNORE_RESULT(chown(dest_filename, dd->dd_uid, dd->dd_gid));
|
|
|
a60cd7 |
+ copy_file_ext(source_filename, dest_filename, 0640, dd->dd_uid, dd->dd_gid, O_RDONLY, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL);
|
|
|
a60cd7 |
|
|
|
a60cd7 |
strcpy(dest_base, FILENAME_OPEN_FDS);
|
|
|
a60cd7 |
- if (dump_fd_info(dest_filename, source_filename, source_base_ofs))
|
|
|
a60cd7 |
- IGNORE_RESULT(chown(dest_filename, dd->dd_uid, dd->dd_gid));
|
|
|
a60cd7 |
+ dump_fd_info(dest_filename, source_filename, source_base_ofs, dd->dd_uid, dd->dd_gid);
|
|
|
a60cd7 |
|
|
|
a60cd7 |
free(dest_filename);
|
|
|
a60cd7 |
|
|
|
a60cd7 |
--
|
|
|
a60cd7 |
1.8.3.1
|
|
|
a60cd7 |
|