public inbox for cluster-cvs@sourceware.org
From: Bob Peterson <rpeterso@fedoraproject.org>
To: cluster-cvs-relay@redhat.com
Subject: cluster: RHEL5 - gfs2: randomize debugfs mount point even more
Date: Mon, 04 May 2009 19:31:00 -0000
Message-ID: <20090504193058.264B2120255@lists.fedorahosted.org>

Gitweb:        http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=07ff0098221e31673e0b61ac5dcd679dcd13c9f5
Commit:        07ff0098221e31673e0b61ac5dcd679dcd13c9f5
Parent:        423ba66a2c5a08a000c8e971589c94b3fbebf701
Author:        Bob Peterson <rpeterso@redhat.com>
AuthorDate:    Mon May 4 11:06:20 2009 -0500
Committer:     Bob Peterson <rpeterso@redhat.com>
CommitterDate: Mon May 4 11:06:20 2009 -0500

gfs2: randomize debugfs mount point even more

bz 498950 - cluster product is affected by several symlink attack vulnerabilities

18b24ae55c3e4abdc256a3b6c4f15ae0116a0f14 didn't introduce enough
security.

Switch to mkdtemp(3) and clean up unrequired code as a consequence.
---
 gfs2/tool/misc.c |   32 ++++++++++++++------------------
 1 files changed, 14 insertions(+), 18 deletions(-)

diff --git a/gfs2/tool/misc.c b/gfs2/tool/misc.c
index 103df2f..dec78d7 100644
--- a/gfs2/tool/misc.c
+++ b/gfs2/tool/misc.c
@@ -115,27 +115,26 @@ print_lockdump(int argc, char **argv)
 	char *name, line[PATH_MAX];
 	char *debugfs;
 	FILE *file;
-	int rc = -1, debug_dir_existed = 1;
+	int rc = -1;
 
 	/* See if debugfs is mounted, and if not, mount it. */
 	debugfs = find_debugfs_mount();
 	if (!debugfs) {
-		debugfs = malloc(20);
+		debugfs = malloc(PATH_MAX);
 		if (!debugfs)
 			die("Can't allocate memory for debugfs.\n");
-		memset(debugfs, 0, 20);
-		strcpy(debugfs, "/tmp/debugfs");
-
-		if (access(debugfs, F_OK)) {
-			debug_dir_existed = mkdir(debugfs, 644);
-			if (debug_dir_existed) {
-				fprintf(stderr,
-					"Can't create %s mount point.\n",
-					debugfs);
-				free(debugfs);
-				exit(-1);
-			}
+
+		memset(debugfs, 0, PATH_MAX);
+		sprintf(debugfs, "/tmp/debugfs.XXXXXX");
+
+		if (!mkdtemp(debugfs)) {
+			fprintf(stderr,
+				"Can't create %s mount point.\n",
+				debugfs);
+			free(debugfs);
+			exit(-1);
 		}
+
 		rc = mount("none", debugfs, "debugfs", 0, NULL);
 		if (rc) {
 			fprintf(stderr,
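Review bot: the `if (!mkdtemp(debugfs))` branch prints the template buffer but not the reason for the failure; adding strerror(errno) to the message would tell the operator whether /tmp is missing, full or not writable. Because the directory is now always created by this process, the `if (rc)` branch after mount() should also call rmdir(debugfs) before it exits, otherwise a failed mount leaves an empty /tmp/debugfs.XXXXXX behind; that branch is cut off in this hunk, so it is worth checking. The malloc(PATH_MAX), memset and sprintf sequence could be a single strdup() of the template, since the string is fixed and the later free(debugfs) still applies.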
@@ -166,10 +165,7 @@ print_lockdump(int argc, char **argv)
 	/* Check if we mounted the debugfs and if so, unmount it. */
 	if (!rc) {
 		umount(debugfs);
-		/* Check if we created the debugfs mount point and if so,
-		   delete it. */
-		if (!debug_dir_existed)
-			rmdir(debugfs);
+		rmdir(debugfs);
 	}
 	free(debugfs);
 }
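Review bot: the return values of umount(debugfs) and rmdir(debugfs) in the `if (!rc)` block are ignored, so if the unmount fails (for example because the mount is busy) the rmdir fails as well and a mounted debugfs is silently left under /tmp. Checking umount() and printing a warning with the path would make that visible. The block also depends on `rc` still holding the mount() result when it is reached; the code between the two hunks is not shown, so a dedicated flag set right after a successful mount would be more robust than reusing `rc`.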

