mkfs: properly fix TOCTOU open/stat race in config file handling

After open of the configfile, simply fstat() that fd to ensure that
we are checking the file we just opened, not something that got
renamed in between.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Eric Sandeen <sandeen@sandeen.net>

diff --git a/mkfs/config.c b/mkfs/config.c
index bfd14c9f5b93702b5002ed030f08fd130007bc06..fcc7035c7b8bc2c8053e8cbc6af483663dd5313d 100644 (file)
--- a/mkfs/config.c
+++ b/mkfs/config.c
@@ -550,7 +550,7 @@ open_cli_config(
                if (fd < 0)
                        goto out;
 
-               ret = fstatat(dirfd, cli_config_file, &st, AT_SYMLINK_NOFOLLOW);
+               ret = fstat(fd, &st);
                if (ret != 0)
                        goto err_out_close;
 
@@ -563,7 +563,7 @@ open_cli_config(
 
        memcpy(*fpath, cli_config_file, strlen(cli_config_file));
 
-       ret = fstatat(AT_FDCWD, cli_config_file, &st, AT_SYMLINK_NOFOLLOW);
+       ret = fstat(fd, &st);
        if (ret != 0)
                goto err_out_close;
 
@@ -628,7 +628,7 @@ open_config_file(
                goto err_out_close;
        }
 
-       ret = fstatat(dirfd, "default", &st, AT_SYMLINK_NOFOLLOW);
+       ret = fstat(fd, &st);
        if (ret != 0)
                goto err_out_close;