c - stat(), fstat(), lstat(), and fopen(); how to write TOCTOU protected system independent code -

-

i've been dealing problem few weeks updating 20 year code needs system independent (work on both linux , windows). involves time-of-check, time-of-use (toctou) issues. made thread here, didn't go far, , after ruminating on while , searching deeper problem, think understand question bit better. maybe can ask bit better too...

from i've read, code needs check if file exists, if accessible, open file, operations , close file. seems best way call lstat(), call fopen(), call fstat() (to rule out toctou), , operations , closing file.

however, i've been lead believe lstat() , fstat() posix defined, not c standard defined, ruling out use system agnostic program, in same way open() shouldn't used cross-compatibility. how implement this?

if at first post, can see developer 20 years ago used c preprocessor cut code cross-compatible parts, if did that, wouldn't know replace lstat() or fstat() (their windows counterparts).

edit: added abreviated code post; if unclear please go original post

#ifdef win32     struct _stat buf; #else     struct stat buf; #endif //win32      file *fp;     char data[2560];      // make sure file exists , readable #ifdef win32     if (_access(file.c_str(), r_ok) == -1) { #else     if (access(file.c_str(), r_ok) == -1) { #endif //win32          char message[2560];         sprintf(message, "file '%s' not found or not readable", file.c_str());         throw message;         }      // file status information #ifdef win32     if (_stat(file.c_str(), &buf) != 0) { #else     if (stat(file.c_str(), &buf) != 0) { #endif //win32          char message[2560];         sprintf(message, "file '%s' no status available", file.c_str());         throw message;         }      // open file reading     fp = fopen(file.c_str(), "r");     if (fp == null) {         char message[2560];         sprintf(message, "file '%s' cound not opened", file.c_str());         throw message;     }      // read file     mvstring s, ss;     while (fgets(data, sizeof(data), fp) != (char *)0) {         s = data;         s.trimboth();         if (s.compare( 0, 5, "group" ) == 0) {             //size_t t = s.find_last_of( ":" );             size_t t = s.find( ":" );             if (t != string::npos) {                 ss = s.substr( t+1 ).c_str();                 ss.trimboth();                 ss = ss.substr( 1, ss.length() - 3 ).c_str();                 group_list.push_back( ss );             }         }     }     // close file     fclose(fp); }

the reliable way check whether file exists , can opened try opening it. if opened, ok. if not opened, can think spending time analyze went wrong.

the access() function formally asks different question think; asks 'can real user id or real group id access file', program use effective user id or effective group id access file. if program not running suid or sgid, , not launched program running suid or sgid — , that's normal case — there's no difference. question different.

the use of stat() or lstat() doesn't seem helpful. in particular, lstat() tells whether start @ symlink, code doesn't care that.

both access() , stat() calls provide toctou windows of vulnerability; file removed after reported present, or created after reported absent.

you should call fopen() , see whether works; code simpler , more resistant toctou problems. might need consider whether use open() controls (o_excl, etc), , convert file descriptor file pointer (fdopen()).

all of applies unix side.

the details different, on windows side, still best off trying open file , reacting appropriately failure.

in both systems, make sure options provided open function appropriate.


Comments

Post a Comment

Popular posts from this blog

python - TypeError: start must be a integer -

-
i trying draw 5 turtles, getting typeerror on line 25. here code: import turtle wn = turtle.screen() redrose = turtle.turtle() color = input("what background color be?") fillcolor_f = input("what color of rose be?") redrose.hideturtle() redrose.speed(30) redrose.penup() redrose.left(180) redrose.forward(175) redrose.right(90) redrose.forward(30) redrose.right(90) redrose.pendown() def drawrose(red): redrose.color("pink") redrose.fillcolor(fillcolor_f) redrose.fill(true) in range(red): redrose.forward(i) redrose.right(49) in range(5): drawrose(redrose) redrose.penup() redrose.forward(350) redrose.right(144) redrose.pendown() redrose.fill(false) drawrose(50) wn.bgcolor(color) i trying draw 5 roses, produces errors. doing in interactivepython.org. you recursively calling drawrose wrong parameter. on line 23 ( for in range(red): ) expect red integer...
Read more

c# - DevExpress RepositoryItemComboBox BackColor property ignored -

-
i have following code almost works properly; private void cbstatus_drawitem(object sender, listboxdrawitemeventargs e) { string item = e.item string; if (item != null) { switch (item) { case "1": e.appearance.forecolor = color.green; e.appearance.backcolor = color.green; break; case "2": e.appearance.forecolor = color.orange; e.appearance.backcolor = color.orange; break; case "3": e.appearance.forecolor = color.red; e.appearance.backcolor = color.red; break; } } } when dropdown shown, items forecolor correct, backcolor remains whatever backcolor of theme is; i.e. if i've got set dark theme, backcolor dark, cells in gridview, rather being green/orange/red. i've tried setting e.appearance.options.usebackcolor trying set e....
Read more

django - Creating multiple model instances in DRF3 -

-
1) create multiple model instances 1 api call, asked here: how create multiple model instances django rest framework? tried solution named in link, no success. i trying upload multiple files in 1 api call. result: files uploaded (only once overwrote perform_create) 1 instance created (if send 2 files, latter created instance). my code: class fileuploadserializer(serializers.modelserializer): def __init__(self, *args, **kwargs): many = kwargs.pop('many', true) super(fileuploadserializer, self).__init__(many=many, *args, **kwargs) class meta: model = fileupload read_only_fields = ('created', 'datafile', 'owner') class fileuploadviewset(viewsets.modelviewset): queryset = fileupload.objects.all() serializer_class = fileuploadserializer parser_classes = (multipartparser, formparser, ) def perform_create(self, serializer): file_list = self.request.data.getlist('file') ...
Read more