From 96b778ed655a182bd857ed06f032ffc47cd2b8fe Mon Sep 17 00:00:00 2001 From: Oliver Kurth Date: Fri, 22 Nov 2019 14:52:34 -0800 Subject: [PATCH] Fix Coverity reported issue time of check to time of use (TOCTOU) in deployPkg Change to call mkdir directly, then check and log the error. --- open-vm-tools/libDeployPkg/mspackWrapper.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/libDeployPkg/mspackWrapper.c b/open-vm-tools/libDeployPkg/mspackWrapper.c index 5f2aff21e..e3322d091 100644 --- a/open-vm-tools/libDeployPkg/mspackWrapper.c +++ b/open-vm-tools/libDeployPkg/mspackWrapper.c @@ -115,7 +115,6 @@ MspackWrapper_SetLogger(LogFunction log) **/ unsigned int SetupPath (char* path) { - struct stat stats; char* token; // walk through the path (it employs in string replacement) @@ -139,10 +138,10 @@ SetupPath (char* path) { sLog(log_debug, "Creating directory %s \n", path); #endif - // ignore if the directory exists - if (!((stat(path, &stats) == 0) && S_ISDIR(stats.st_mode))) { - // make directory and check error - if (mkdir(path, 0777) == -1) { + if (mkdir(path, 0777) == -1) { + struct stat stats; + // ignore if the directory exists + if (!((stat(path, &stats) == 0) && S_ISDIR(stats.st_mode))) { sLog(log_error, "Unable to create directory %s (%s)\n", path, strerror(errno)); return LINUXCAB_ERROR; -- 2.47.3