eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add coverity toctou annotation in device_open_excl.

Browse Source 
We can't avoid this race due to undefined behaviour if called with
O_EXCL flag on regular file.

Let's double-check fd with O_EXCL flag is actually open block device.
This commit is contained in:
Ondrej Kozina
2019-05-13 13:28:59 +02:00
parent 2d0079905e
commit 9159b5b120
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/utils_device.c
View File

@@ -323,10 +323,18 @@ int device_open_excl(struct crypt_device *cd, struct device *device, int flags)
log_dbg(cd, "%s is not a block device. Can't open in exclusive mode.",
path);
else {
/* open(2) with O_EXCL (w/o O_CREAT) on regular file is undefined behaviour according to man page */
/* coverity[toctou] */
device->dev_fd_excl = open(path, O_RDONLY | O_EXCL);
if (device->dev_fd_excl < 0)
return errno == EBUSY ? -EBUSY : device->dev_fd_excl;
log_dbg(cd, "Device %s is blocked for exclusive open.", path);
if (fstat(device->dev_fd_excl, &st) || !S_ISBLK(st.st_mode)) {
log_dbg(cd, "%s is not a block device. Can't open in exclusive mode.",
path);
close(device->dev_fd_excl);
device->dev_fd_excl = -1;
} else
log_dbg(cd, "Device %s is blocked for exclusive open.", path);
}
}