From owner-freebsd-audit  Tue Oct 24 10:56:49 2000
Delivered-To: freebsd-audit@freebsd.org
Received: from mail.rpi.edu (mail.rpi.edu [128.113.100.7])
	by hub.freebsd.org (Postfix) with ESMTP id D3CE737B4C5
	for <audit@FreeBSD.ORG>; Tue, 24 Oct 2000 10:56:41 -0700 (PDT)
Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47])
	by mail.rpi.edu (8.9.3/8.9.3) with ESMTP id NAA82434;
	Tue, 24 Oct 2000 13:56:36 -0400
Mime-Version: 1.0
X-Sender: drosih@mail.rpi.edu
Message-Id: <v04210107b61b7a18adac@[128.113.24.47]>
In-Reply-To: <20001024140510.G93799@lucifer.bart.nl>
References: <20001024140510.G93799@lucifer.bart.nl>
Date: Tue, 24 Oct 2000 13:56:34 -0400
To: Jeroen Ruigrok van der Werven <jruigrok@via-net-works.nl>,
	audit@FreeBSD.ORG
From: Garance A Drosihn <drosih@rpi.edu>
Subject: Re: printjob.c mktemp() problem
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 2:05 PM +0200 10/24/00, Jeroen Ruigrok van der Werven wrote:
>In printjob.c in the dir src/usr.sbin/lpr/lpd we see a mktemp()
>call which creates a file accroding to the template.
>
>I also see that it is getting unlink()'d again a bunch of lines
>later.

It is unlinked some 150 lines later, and a lot happens between
that mktemp and the call to unlink...

>I later on see some open() call on the same tempfile array which
>does exactly what the mktemp(3) manpage warns about.
>
>Am I right into thinking this might be a good candidate for a
>mktemp()->mkstemp() conversion?

If I ever get my commit status, I would have fixed this.

Also notice that mktemp() is called for a file-pattern which does
not have a '/' in it, and just a few lines later 'chdir' is called.
Thus, mktemp is potentially checking in a different directory than
the directory which is active when the file is actually created.

Thus, even ignoring the possible race condition (which is probably
not much of a problem in this case), the current mktemp call is
just plain wrong.  It is a great candidate for replacement.

IMO.


---
Garance Alistair Drosehn           =   gad@eclipse.acs.rpi.edu
Senior Systems Programmer          or  drosih@rpi.edu
Rensselaer Polytechnic Institute


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message