From bda4387ea9b09e03be69d38db104f5245b32d110 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Oto=20=C5=A0=C5=A5=C3=A1va?= Date: Mon, 20 May 2024 11:52:27 +0200 Subject: [PATCH] daemon/tls_ephemeral_credentials: fix possible race between read() and fstat() --- daemon/tls_ephemeral_credentials.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daemon/tls_ephemeral_credentials.c b/daemon/tls_ephemeral_credentials.c index 0d9ec6db6..2b928faaa 100644 --- a/daemon/tls_ephemeral_credentials.c +++ b/daemon/tls_ephemeral_credentials.c @@ -91,7 +91,7 @@ static gnutls_x509_privkey_t get_ephemeral_privkey (void) } data.size = stat.st_size; bytes_read = read(datafd, data.data, stat.st_size); - if (bytes_read != stat.st_size) { + if (bytes_read < 0 || bytes_read != stat.st_size) { kr_log_error(TLS, "unable to read ephemeral private key\n"); goto bad_data; } -- 2.47.2