GNU bug report logs - #25680
[PATCH] copy: Avoid race when creating hard link over recently-created file
Reported by: Mike Crowe <mac <at> mcrowe.com>
Date: Fri, 10 Feb 2017 19:50:02 UTC
Severity: normal
Tags: patch
Done: Paul Eggert <eggert <at> cs.ucla.edu>
Bug is archived. No further changes may be made.
On Friday 10 February 2017 at 11:55:35 -0800, Paul Eggert wrote:
> On 02/10/2017 11:18 AM, Mike Crowe wrote:
> >- if (link_failed && replace && errno == EEXIST)
> >+ while (link_failed && replace && errno == EEXIST)
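Review bot: the `while` on the added line has no exit other than its own condition, so if every pass ends with `link_failed` still true and `errno == EEXIST` it repeats without bound. Add a retry counter to the condition and, when it runs out, fall through to the existing failure path with a diagnostic. The condition also re-reads `errno` on each pass, so the body has to leave `errno` as the link attempt set it when control returns to the test.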
>
> This could cause 'cp -f' to loop forever, if an attacker keeps creating hard
> links. Is this a new vulnerability? I don't recall any other way that
> copying from a finite source could take forever.
>
> One possible solution would be to loop for just a few times, and then give
> up with a diagnostic.
Indeed, that's why I wrote:
> There is at least some risk that the while loop in
> create_hard_link might spin forever, but something else would have to be
> recreating the file again rather quickly. It might make sense for me to
> add a maximum number of retries.
Do you think that if I added such a limit and diagnostic then the patch
would be acceptable?
Thanks for the review.
Mike.
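
The bounded retry discussed in this message, as a stand-alone added example (not the coreutils patch and not code from either participant). The function name `link_replace_bounded`, its `max_tries` parameter and the cap of 3 used in `main` are assumptions; the thread only says "a few times".

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hard-link SRC to DST, replacing DST if it already exists.
   Return 0 on success, -1 with errno set on failure.
   If something keeps recreating DST between our unlink and our link,
   stop after MAX_TRIES link attempts and report EEXIST instead of
   spinning.  (Hypothetical helper written for this example.)  */
int
link_replace_bounded (char const *src, char const *dst, int max_tries)
{
  for (int tries = 0; ; tries++)
    {
      if (link (src, dst) == 0)
        return 0;
      /* Any other error, or the last permitted attempt: give up now,
         leaving errno as link() set it and DST untouched.  */
      if (errno != EEXIST || tries + 1 >= max_tries)
        return -1;
      /* DST exists: remove it and try again.  ENOENT means somebody
         else removed it first, which is fine.  */
      if (unlink (dst) != 0 && errno != ENOENT)
        return -1;
    }
}

int
main (int argc, char **argv)
{
  if (argc != 3)
    {
      fprintf (stderr, "usage: %s SRC DST\n", argv[0]);
      return 2;
    }
  if (link_replace_bounded (argv[1], argv[2], 3) != 0)
    {
      /* The diagnostic: EEXIST here means the retry budget ran out.  */
      fprintf (stderr, "cannot create hard link %s to %s: %s\n",
               argv[2], argv[1], strerror (errno));
      return 1;
    }
  return 0;
}
```

With a budget of 1 the function never unlinks, so an existing destination is reported as `EEXIST` and left in place.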
This bug report was last modified 8 years and 101 days ago.