[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: race condition in servers/slurpd/reject.c function write_reject() (ITS#2009)

To: openldap-its@OpenLDAP.org
Subject: Re: race condition in servers/slurpd/reject.c function write_reject() (ITS#2009)
From: Kurt@OpenLDAP.org
Date: Mon, 5 Aug 2002 17:47:14 GMT

Fixed in HEAD.

At 09:43 AM 2002-08-05, rhafer@suse.de wrote:
>Full_Name: Ralf Haferkamp
>Version: 2.0.25, HEAD
>OS: 
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (213.95.15.201)
>
>
>This code contains a race condition
>
>    if ( access( rejfile, F_OK ) < 0 ) {
>        /* Doesn't exist - try to create */
>        int rjfd;
>        if (( rjfd = open( rejfile, O_RDWR | O_APPEND | O_CREAT,
>                S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )) < 0 ) {
>
>The file could have been created between access() and open() (e.g. symlink
>attack). open should use "O_EXCL".

Prev by Date: Re: Overflow in servers/slurpd/reject.c function write_reject() (ITS#2007)
Next by Date: Re: LDIF lexing error in LDIF with CRLF terminators
Index(es):
- Chronological
- Thread