From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:54009)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mst@redhat.com>) id 1Zi0ez-0003nD-RW
	for qemu-devel@nongnu.org; Fri, 02 Oct 2015 09:46:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mst@redhat.com>) id 1Zi0ez-0000vP-3G
	for qemu-devel@nongnu.org; Fri, 02 Oct 2015 09:46:05 -0400
Received: from mx1.redhat.com ([209.132.183.28]:37341)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mst@redhat.com>) id 1Zi0ey-0000vL-UG
	for qemu-devel@nongnu.org; Fri, 02 Oct 2015 09:46:05 -0400
Date: Fri, 2 Oct 2015 16:46:00 +0300
From: "Michael S. Tsirkin" <mst@redhat.com>
Message-ID: <1443793405-15190-16-git-send-email-mst@redhat.com>
References: <1443793405-15190-1-git-send-email-mst@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <1443793405-15190-1-git-send-email-mst@redhat.com>
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] [PULL 15/15] vhost-user-test: fix predictable filename
	on tmpfs
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Marcel Apfelbaum <marcel@redhat.com>, Peter Maydell <peter.maydell@linaro.org>, Yuanhan Liu <yuanhan.liu@linux.intel.com>, =?us-ascii?B?PT9VVEYtOD9xP01hcmMtQW5kcj1DMz1BOT0yMEx1cmVhdT89?= <marcandre.lureau@redhat.com>

vhost-user-test uses getpid to create a unique filename. This name is
predictable, and a security problem.  Instead, use a tmp directory
created by mkdtemp, which is a suggested best practice.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marc-Andr=E9 Lureau <marcandre.lureau@redhat.com>
---
 tests/vhost-user-test.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index 5e63cbc..56df5cc 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -330,7 +330,7 @@ int main(int argc, char **argv)
         root =3D tmpfs;
     }
=20
-    socket_path =3D g_strdup_printf("/tmp/vhost-%d.sock", getpid());
+    socket_path =3D g_strdup_printf("%s/vhost.sock", tmpfs);
=20
     /* create char dev and add read handlers */
     qemu_add_opts(&qemu_chardev_opts);
--=20
MST