api.c: Fix TOCTOU race in cgroup_get_procs()

codeql flagged a potential race between the time-of-check
and time-of-use (CWE-367) of the cgroup.procs file in
cgroup_get_procs().

Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
(cherry picked from commit 57da48f9deb77c82e46cf347b029f438638e9ad1)

diff --git a/src/api.c b/src/api.c
index 1cadc73f4c98a8f8426fe6f86011a89a91b85062..8f7a28c490cee60729305ca76dc1e8f6097304d0 100644 (file)
--- a/src/api.c
+++ b/src/api.c
@@ -5445,11 +5445,16 @@ int cgroup_get_procs(char *name, char *controller, pid_t **pids, int *size)
        cg_build_path(name, cgroup_path, controller);
        strncat(cgroup_path, "/cgroup.procs", FILENAME_MAX-strlen(cgroup_path));
 
-       /*
-        * This kernel does have support for cgroup.procs
-        */
-       if (access(cgroup_path, F_OK))
-               return ECGROUPUNSUPP;
+       procs = fopen(cgroup_path, "r");
+       if (!procs) {
+               last_errno = errno;
+               *pids = NULL;
+               *size = 0;
+               if (errno == ENOENT)
+                       return ECGROUPUNSUPP;
+               else
+                       return ECGOTHER;
+       }
 
        /*
         * Keep doubling the memory allocated if needed
@@ -5457,15 +5462,7 @@ int cgroup_get_procs(char *name, char *controller, pid_t **pids, int *size)
        tmp_list= malloc(sizeof(pid_t) * tot_procs);
        if (!tmp_list) {
                last_errno = errno;
-               return ECGOTHER;
-       }
-
-       procs = fopen(cgroup_path, "r");
-       if (!procs) {
-               last_errno = errno;
-               free(tmp_list);
-               *pids = NULL;
-               *size = 0;
+               fclose(procs);
                return ECGOTHER;
        }