mirrors/SDL
1
0
Fork 0
mirror of https://github.com/libsdl-org/SDL.git synced 2025-10-04 17:06:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix TOCTOU race condition

Browse Source 
Separately checking the state of a file before operating on it may allow
an attacker to modify the file between the two operations. (CWE-367)
Fix by using fstat() instead of stat().
This commit is contained in:
Mingjie Shen
2024-03-08 17:20:29 -05:00
committed by Sam Lantinga
parent cde793b0f5
commit 19b3ddac2f
3 changed files with 23 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/haptic/linux/SDL_syshaptic.c
View File

@@ -240,24 +240,26 @@ static int MaybeAddDevice(const char *path)
return -1;
}
/* check to see if file exists */
if (stat(path, &sb) != 0) {
/* try to open */
fd = open(path, O_RDWR | O_CLOEXEC, 0);
if (fd < 0) {
return -1;
}
/* get file status */
if (fstat(fd, &sb) != 0) {
close(fd);
return -1;
}
/* check for duplicates */
for (item = SDL_hapticlist; item; item = item->next) {
if (item->dev_num == sb.st_rdev) {
close(fd);
return -1; /* duplicate. */
}
}
/* try to open */
fd = open(path, O_RDWR | O_CLOEXEC, 0);
if (fd < 0) {
return -1;
}
#ifdef DEBUG_INPUT_EVENTS
printf("Checking %s\n", path);
#endif