fsdev-proxy-helper: avoid TOC/TOU race

There is a minor time of check/time of use race between statfs and chroot. It can be fixed easily by stat-ing the root after it has been changed. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2015-11-27 12:43:05 +01:00 · 2015-11-27 12:43:05 +01:00 · 49f817caaf
parent 714487515d
commit 49f817caaf
1 changed files with 10 additions and 10 deletions
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@ -1128,10 +1128,19 @@ int main(int argc, char **argv)
        }
    }

+    if (chdir("/") < 0) {
+        do_perror("chdir");
+        goto error;
+    }
+    if (chroot(rpath) < 0) {
+        do_perror("chroot");
+        goto error;
+    }
+
    get_version = false;
 #ifdef FS_IOC_GETVERSION
    /* check whether underlying FS support IOC_GETVERSION */
-    retval = statfs(rpath, &st_fs);
+    retval = statfs("/", &st_fs);
    if (!retval) {
        switch (st_fs.f_type) {
        case EXT2_SUPER_MAGIC:
@ -1144,16 +1153,7 @@ int main(int argc, char **argv)
    }
 #endif

-    if (chdir("/") < 0) {
-        do_perror("chdir");
-        goto error;
-    }
-    if (chroot(rpath) < 0) {
-        do_perror("chroot");
-        goto error;
-    }
    umask(0);
-
    if (init_capabilities() < 0) {
        goto error;
    }