[PATCH 4/4] appletlib: Fix file-system race in parse_config_file()
Ryan Mallon
rmallon at gmail.com
Thu Jan 2 22:13:48 UTC 2014
There is a small filesystem race window between the stat checks for
the Busybox config file and opening of the file. Although this window
is very small, and the file must be called /etc/busybox, the code is
written to be paranoid. Be completely paranoid and eliminate the race
by opening the file and doing the stat checks on the file descriptor.
Signed-off-by: Ryan Mallon <rmallon at gmail.com>
---
libbb/appletlib.c | 8 ++++++--
1 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/libbb/appletlib.c b/libbb/appletlib.c
index 8f3a8a1..729be85 100644
--- a/libbb/appletlib.c
+++ b/libbb/appletlib.c
@@ -286,12 +286,16 @@ static void parse_config_file(void)
if (ruid == 0) /* run by root - don't need to even read config file */
return;
- if ((stat(config_file, &st) != 0) /* No config file? */
+ f = fopen_for_read(config_file);
+ if (!f)
+ return;
+
+ if ((fstat(fileno(f), &st) != 0) /* Cannot stat? */
|| !S_ISREG(st.st_mode) /* Not a regular file? */
|| (st.st_uid != 0) /* Not owned by root? */
|| (st.st_mode & (S_IWGRP | S_IWOTH)) /* Writable by non-root? */
- || !(f = fopen_for_read(config_file)) /* Cannot open? */
) {
+ fclose(f);
return;
}
--
1.7.1
More information about the busybox
mailing list