From: Jeremy Sowden <jeremy@azazel.net>
To: Jan Engelhardt <jengelh@inai.de>
Cc: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: Re: [ulogd2 PATCH 13/26] input: UNIXSOCK: stat socket-path first before creating the socket.
Date: Sat, 6 Nov 2021 13:51:54 +0000 [thread overview]
Message-ID: <YYaIemfQJokeB9r/@azazel.net> (raw)
In-Reply-To: <521n426p-7nn-655-nq5r-6364po1or38@vanv.qr>
[-- Attachment #1: Type: text/plain, Size: 974 bytes --]
On 2021-10-30, at 19:33:13 +0200, Jan Engelhardt wrote:
> On Saturday 2021-10-30 18:44, Jeremy Sowden wrote:
> > If the path is already bound, we close the socket immediately.
> > diff --git a/input/packet/ulogd_inppkt_UNIXSOCK.c b/input/packet/ulogd_inppkt_UNIXSOCK.c
> > index f97c2e174b2d..d88609f203c4 100644
> > --- a/input/packet/ulogd_inppkt_UNIXSOCK.c
> > +++ b/input/packet/ulogd_inppkt_UNIXSOCK.c
> > @@ -479,10 +479,17 @@ static int _create_unix_socket(const char *unix_path)
> > int s;
> > struct stat st_dummy;
> >
> > + if (stat(unix_path, &st_dummy) == 0 && st_dummy.st_size > 0) {
> > + ulogd_log(ULOGD_ERROR,
> > + "ulogd2: unix socket '%s' already exists\n",
> > + unix_path);
> > + return -1;
> > + }
> > +
>
> That stat call should just be entirely deleted.
>
> I fully expect that Coverity's static analyzer (or something like it)
> is going to flag this piece of code as running afoul of TOCTOU.
Good point. Will remove it instead.
J.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2021-11-06 13:52 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-30 16:44 [ulogd2 PATCH 00/26] Compiler Warning Fixes Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 01/26] include: add format attribute to __ulogd_log declaration Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 02/26] ulog: remove empty log-line Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 03/26] ulog: fix order of log arguments Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 04/26] ulog: correct log specifiers Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 05/26] output: IPFIX: correct format-specifiers Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 06/26] jhash: add "fall through" comments to switch cases Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 07/26] db: add missing `break` to switch-case Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 08/26] filter: HWHDR: replace `switch` with `if` Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 09/26] filter: HWHDR: re-order KEY_RAW_MAC checks Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 10/26] filter: HWHDR: remove zero-initialization of MAC type Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 11/26] Replace malloc+memset with calloc Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 12/26] filter: PWSNIFF: replace malloc+strncpy with strndup Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 13/26] input: UNIXSOCK: stat socket-path first before creating the socket Jeremy Sowden
2021-10-30 17:33 ` Jan Engelhardt
2021-11-06 13:51 ` Jeremy Sowden [this message]
2021-10-30 16:44 ` [ulogd2 PATCH 14/26] input: UNIXSOCK: fix possible truncation of socket path Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 15/26] input: UNIXSOCK: prevent unaligned pointer access Jeremy Sowden
2021-10-30 17:42 ` Jan Engelhardt
2021-11-06 14:13 ` Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 16/26] output: DBI: fix deprecation warnings Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 17/26] output: DBI: fix string truncation warnings Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 18/26] output: MYSQL: Fix string truncation warning Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 19/26] output: PGSQL: " Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 20/26] output: SQLITE3: Fix string truncation warnings and possible buffer overruns Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 21/26] output: SQLITE3: catch errors creating SQL statement Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 22/26] util: db: fix possible string truncation Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 23/26] output: JSON: fix output of GMT offset Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 24/26] output: JSON: fix printf truncation warnings Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 25/26] output: JSON: optimize appending of newline to output Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 26/26] output: JSON: fix possible truncation of socket path Jeremy Sowden
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YYaIemfQJokeB9r/@azazel.net \
--to=jeremy@azazel.net \
--cc=jengelh@inai.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).