Date: Tue, 22 Feb 2000 22:53:24 -0800 (PST) From: spock@techfour.net To: freebsd-gnats-submit@FreeBSD.org Subject: bin/16929: [PATCH] prevent possible race condition in sort Message-ID: <200002230653.WAA66054@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 16929
>Category: bin
>Synopsis: [PATCH] prevent possible race condition in sort
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 22 23:00:01 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: Mike Heffner
>Release: 4.0-current
>Organization:
>Environment:
FreeBSD 4.0-CURRENT #0: Sat Feb 19 20:05:45 EST 2000
>Description:
sort can create the following predictable tempfiles:
/tmp/sort{pid}{seq}
>How-To-Repeat:
run sort
>Fix:
Since sort can create many tempfiles, we should leave it's current
naming scheme alone, rather create a secure dir in TMP with mkdtemp(3),
and let sort dumps it's file in there.
Apply the following patch, sorry there might be whitespace bugs =(
Index: gnu/usr.bin/sort/sort.c
===================================================================
RCS file: /home/ncvs/src/gnu/usr.bin/sort/sort.c,v
retrieving revision 1.15
diff -u -r1.15 sort.c
--- sort.c 1999/04/25 22:14:05 1.15
+++ sort.c 2000/02/23 06:45:13
@@ -171,6 +171,8 @@
/* Prefix for temporary file names. */
static char *temp_file_prefix;
+/* Temporary dir for temp files, *with* above prefix */
+static char *temp_dir = NULL;
/* Flag to reverse the order of all comparisons. */
static int reverse;
@@ -288,6 +290,9 @@
for (node = temphead.next; node; node = node->next)
unlink (node->name);
+ if( temp_dir )
+ rmdir(temp_dir);
+
}
/* Allocate N bytes of memory dynamically, with error checking. */
@@ -413,6 +418,7 @@
}
}
+#define DIR_TEMPLATE "sortXXXXXXXXXX"
/* Return a name for a temporary file. */
static char *
@@ -420,15 +426,29 @@
{
static unsigned int seq;
int len = strlen (temp_file_prefix);
- char *name = xmalloc (len + 1 + sizeof ("sort") - 1 + 5 + 5 + 1);
+ char *name=xmalloc(len + 1 + sizeof(DIR_TEMPLATE)-1 + 1 + sizeof("sort")-1 + 5 + 5 + 1);
struct tempnode *node;
node = (struct tempnode *) xmalloc (sizeof (struct tempnode));
+ if( !temp_dir )
+ {
+ temp_dir = xmalloc( len + 1 + sizeof(DIR_TEMPLATE) );
+ sprintf(temp_dir,
+ "%s%s%s",
+ temp_file_prefix,
+ (len && temp_file_prefix[len - 1] != '/') ? "/" : "",
+ DIR_TEMPLATE);
+ if( mkdtemp(temp_dir) == NULL )
+ {
+ error(0, errno, _("can't make temp dir"));
+ exit(2);
+ }
+ }
+
sprintf (name,
- "%s%ssort%5.5d%5.5d",
- temp_file_prefix,
- (len && temp_file_prefix[len - 1] != '/') ? "/" : "",
- (unsigned int) getpid () & 0xffff, seq);
+ "%s/sort%5.5d%5.5d",
+ temp_dir,
+ (unsigned int) getpid () & 0xffff, seq);
/* Make sure that SEQ's value fits in 5 digits. */
++seq;
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200002230653.WAA66054>