diff options
author | deraadt <deraadt@openbsd.org> | 2015-10-12 05:54:18 +0000 |
---|---|---|
committer | deraadt <deraadt@openbsd.org> | 2015-10-12 05:54:18 +0000 |
commit | b154e2c0a99bad776cb43391283323adbae0c908 (patch) | |
tree | 82cd7adc9f8fcea3a2a1149fdd743b3ce52e5737 /usr.sbin | |
parent | preservation modes can adjust setugid bits, so no pledge is possible. (diff) | |
download | wireguard-openbsd-b154e2c0a99bad776cb43391283323adbae0c908.tar.xz wireguard-openbsd-b154e2c0a99bad776cb43391283323adbae0c908.zip |
fstat() of opened fd, rather than stat(), to avoid TOCTOU
ok jsg
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/mkuboot/mkuboot.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/usr.sbin/mkuboot/mkuboot.c b/usr.sbin/mkuboot/mkuboot.c index 8ecb79dd790..6f5cd69f4ca 100644 --- a/usr.sbin/mkuboot/mkuboot.c +++ b/usr.sbin/mkuboot/mkuboot.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mkuboot.c,v 1.4 2014/05/18 21:18:07 miod Exp $ */ +/* $OpenBSD: mkuboot.c,v 1.5 2015/10/12 05:54:18 deraadt Exp $ */ /* * Copyright (c) 2008 Mark Kettenis @@ -223,15 +223,13 @@ main(int argc, char *argv[]) ifd = open(iname, O_RDONLY); if (ifd < 0) err(1, "%s", iname); + if (fstat(ifd, &sb) == -1) + err(1, "%s", iname); ofd = open(oname, O_RDWR | O_TRUNC | O_CREAT, 0644); if (ofd < 0) err(1, "%s", oname); - if (stat(iname, &sb) == -1) { - err(1, "%s", oname); - } - /* Write initial header. */ if (write(ofd, &ih, sizeof ih) != sizeof ih) err(1, "%s", oname); |