Skip to content

Commit

Permalink
Fix #1175, Use fstat and fchmod for TOCTOU Bug
Browse files Browse the repository at this point in the history
  • Loading branch information
arielswalker committed Oct 19, 2021
1 parent 64a6b31 commit 49c48c5
Showing 1 changed file with 9 additions and 7 deletions.
16 changes: 9 additions & 7 deletions ut_assert/src/uttools.c
Original file line number Diff line number Diff line change
Expand Up @@ -57,14 +57,15 @@ typedef struct
bool UtMem2BinFile(const void *Memory, const char *Filename, uint32 Length)
{
FILE * fp;
int fd;
struct stat dststat;

if ((fp = fopen(Filename, "w")))
{
if (stat(Filename, &dststat) == 0)
fd = fileno(fp);
if (fstat(fd, &dststat) == 0)
{
chmod(Filename, dststat.st_mode & ~(S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH));
stat(Filename, &dststat);
fchmod(fd, dststat.st_mode & ~(S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH));
}

fwrite(Memory, Length, 1, fp);
Expand Down Expand Up @@ -106,14 +107,15 @@ bool UtMem2HexFile(const void *Memory, const char *Filename, uint32 Length)
FILE * fp;
uint32 i;
uint32 j;
int fd;
struct stat dststat;

if ((fp = fopen(Filename, "w")))
{
if (stat(Filename, &dststat) == 0)
fd = fileno(fp);
if (fstat(fd, &dststat) == 0)
{
chmod(Filename, dststat.st_mode & ~(S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH));
stat(Filename, &dststat);
fchmod(fd, dststat.st_mode & ~(S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH));
}

for (i = 0; i < Length; i += 16)
Expand Down

0 comments on commit 49c48c5

Please sign in to comment.