GNU bug report logs - #11100
Racy code in copy.c

Previous Next

Package: coreutils;

Reported by: Philipp Thomas <pth <at> suse.de>

Date: Tue, 27 Mar 2012 13:32:02 UTC

Severity: normal

Merged with 11074

Done: Jim Meyering <jim <at> meyering.net>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Jim Meyering <jim <at> meyering.net>
Cc: NeilBrown <neilb <at> suse.de>, Philipp Thomas <pth <at> suse.de>, 11100 <at> debbugs.gnu.org
Subject: bug#11100: Racy code in copy.c
Date: Wed, 28 Mar 2012 11:26:32 -0700

On 03/28/2012 09:07 AM, Jim Meyering wrote:
>>        if ((use_stat
>> > -           ? stat (dst_name, &dst_sb)
>> > +           ? (stat (dst_name, &dst_sb) < 0 ? -1 :
>> > +	      (fd = open (dst_name, O_WRONLY)) < 0 ? -1 : 0)
>> >             : lstat (dst_name, &dst_sb))
>> >            != 0)
> At first glance, that might be reasonable: the additional open
> is incurred only after a failed stat.
> I'll look more closely in a week or two if no one else investigates.

Come to think of it, wouldn't it be more efficient to
do an open (dst_name, O_WRONLY | O_BINARY), and then
fstat the resulting fd, falling back on 'stat' only if the
open fails with errno == EACCES?   That should be
more efficient in the usual case, since it'd resolve
the file name fewer times in the usual case.

This bug report was last modified 3 years and 184 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #11100 Racy code in copy.c

GNU bug report logs - #11100
Racy code in copy.c