Re: [PATCH] vfio/iommufd: Remove the use of stat() to check file existen

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] vfio/iommufd: Remove the use of stat() to check file existen

From:	Cédric Le Goater
Subject:	Re: [PATCH] vfio/iommufd: Remove the use of stat() to check file existence
Date:	Tue, 2 Jan 2024 09:10:56 +0100
User-agent:	Mozilla Thunderbird

On 12/21/23 09:09, Cédric Le Goater wrote:

Using stat() before opening a file or a directory can lead to a
time-of-check to time-of-use (TOCTOU) filesystem race, which is
reported by coverity as a Security best practices violations. The
sequence could be replaced by open and fdopendir but it doesn't add
much in this case. Simply use opendir to avoid the race.

Fixes: CID 1531551
Signed-off-by: Cédric Le Goater <clg@redhat.com>



Applied to vfio-next.

Thanks,

C.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH] vfio/iommufd: Remove the use of stat() to check file existence, Cédric Le Goater <=

Prev by Date: Re: [PATCH] hw/vfio: fix iteration over global VFIODevice list
Next by Date: Re: [PATCH] vfio/container: Rename vfio_init_container to vfio_set_iommu
Previous by thread: RE: FW: [PATCH] vhost-user: add VIRTIO_F_IN_ORDER and VIRTIO_F_NOTIFICATION_DATA feature
Next by thread: Re: [PATCH] vfio/container: Rename vfio_init_container to vfio_set_iommu
Index(es):
- Date
- Thread