GNU bug report logs - #25680
[PATCH] copy: Avoid race when creating hard link over recently-created file

Previous Next

Package: coreutils;

Reported by: Mike Crowe <mac <at> mcrowe.com>

Date: Fri, 10 Feb 2017 19:50:02 UTC

Severity: normal

Tags: patch

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Mike Crowe <mac <at> mcrowe.com>, 25680 <at> debbugs.gnu.org
Subject: bug#25680: [PATCH] copy: Avoid race when creating hard link over recently-created file
Date: Fri, 10 Feb 2017 11:55:35 -0800

On 02/10/2017 11:18 AM, Mike Crowe wrote:
> -  if (link_failed && replace && errno == EEXIST)
> +  while (link_failed && replace && errno == EEXIST)

This could cause 'cp -f' to loop forever, if an attacker keeps creating 
hard links. Is this a new vulnerability? I don't recall any other way 
that copying from a finite source could take forever.

One possible solution would be to loop for just a few times, and then 
give up with a diagnostic.

This bug report was last modified 8 years and 101 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #25680 [PATCH] copy: Avoid race when creating hard link over recently-created file

GNU bug report logs - #25680
[PATCH] copy: Avoid race when creating hard link over recently-created file