The patch titled
gen_init_cpio: avoid risk of file changing between calls to stat() and open()
has been removed from the -mm tree. Its filename was
gen_init_cpio-avoid-risk-of-file-changing-between-calls-to-stat-and-open.patch
This patch was dropped because it was merged into mainline or a subsystem tree
The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/
------------------------------------------------------
Subject: gen_init_cpio: avoid risk of file changing between calls to stat() and open()
From: Jesper Juhl <jj@xxxxxxxxxxxxx>
In usr/gen_init_cpio.c::cpio_mkfile() a call to stat() is made based on
pathname, subsequently the file is open()'ed and then the value of the
initial stat() call is used to allocate a buffer. This is not safe since
the file may change between the call to stat() and the call to open().
Safer to just open() the file and then do fstat() using the filedescriptor
returned by open.
Signed-off-by: Jesper Juhl <jj@xxxxxxxxxxxxx>
Acked-by: Jeff Garzik <jgarzik@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
usr/gen_init_cpio.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff -puN usr/gen_init_cpio.c~gen_init_cpio-avoid-risk-of-file-changing-between-calls-to-stat-and-open usr/gen_init_cpio.c
--- a/usr/gen_init_cpio.c~gen_init_cpio-avoid-risk-of-file-changing-between-calls-to-stat-and-open
+++ a/usr/gen_init_cpio.c
@@ -309,18 +309,18 @@ static int cpio_mkfile(const char *name,
mode |= S_IFREG;
- retval = stat (location, &buf);
- if (retval) {
- fprintf (stderr, "File %s could not be located\n", location);
- goto error;
- }
-
file = open (location, O_RDONLY);
if (file < 0) {
fprintf (stderr, "File %s could not be opened for reading\n", location);
goto error;
}
+ retval = fstat (file, &buf);
+ if (retval) {
+ fprintf (stderr, "File %s could not be stat()'ed\n", location);
+ goto error;
+ }
+
filebuf = malloc(buf.st_size);
if (!filebuf) {
fprintf (stderr, "out of memory\n");
_
Patches currently in -mm which might be from jj@xxxxxxxxxxxxx are
linux-next.patch
mm-hugetlbc-fix-error-path-memory-leak-in-nr_hugepages_store_common.patch
mm-hugetlbc-fix-error-path-memory-leak-in-nr_hugepages_store_common-fix.patch
gen_init_cpio-avoid-risk-of-file-changing-between-calls-to-stat-and-open-checkpatch-fixes.patch
memcg-use-zalloc-rather-than-mallocmemset.patch
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
