From: Oliver Kurth <okurth@vmware.com>
Date: Fri, 22 Nov 2019 22:52:34 +0000 (-0800)
Subject: Fix Coverity reported issue time of check to time of use (TOCTOU) in deployPkg
X-Git-Tag: stable-11.1.0~139
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=96b778ed655a182bd857ed06f032ffc47cd2b8fe;p=thirdparty%2Fopen-vm-tools.git

Fix Coverity reported issue time of check to time of use (TOCTOU) in deployPkg

Change to call mkdir directly, then check and log the error.
---

diff --git a/open-vm-tools/libDeployPkg/mspackWrapper.c b/open-vm-tools/libDeployPkg/mspackWrapper.c
index 5f2aff21e..e3322d091 100644
--- a/open-vm-tools/libDeployPkg/mspackWrapper.c
+++ b/open-vm-tools/libDeployPkg/mspackWrapper.c
@@ -115,7 +115,6 @@ MspackWrapper_SetLogger(LogFunction log)
  **/
 unsigned int
 SetupPath (char* path) {
-   struct stat stats;
    char* token;
 
    // walk through the path (it employs in string replacement)
@@ -139,10 +138,10 @@ SetupPath (char* path) {
       sLog(log_debug, "Creating directory %s \n", path);
 #endif
 
-      // ignore if the directory exists
-      if (!((stat(path, &stats) == 0) && S_ISDIR(stats.st_mode))) {
-         // make directory and check error
-         if (mkdir(path, 0777) == -1) {
+      if (mkdir(path, 0777) == -1) {
+         struct stat stats;
+         // ignore if the directory exists
+         if (!((stat(path, &stats) == 0) && S_ISDIR(stats.st_mode))) {
             sLog(log_error, "Unable to create directory %s (%s)\n", path,
                  strerror(errno));
             return LINUXCAB_ERROR;