Date: prev next · Thread: first prev next last
2011 Archives by date, by thread · List index


On Wed, Jul 13, 2011 at 09:16:33AM -0600, Tor Lillqvist wrote:
Do we really want to have those access() checks there?

I am not evil enough to think of a way to abuse that code (insert maniacal laughter), but in 
general, isn't that exactly the kind of coding that could be a security vulnerability? (TOCTTOU 
seems to be the technical term, http://en.wikipedia.org/wiki/Time-of-check-to-time-of-use )

I've removed the checks in this new version of the patch 

Would that be more acceptable ?

-- 
Francois Tigeot
diff --git a/sal/osl/unx/tempfile.c b/sal/osl/unx/tempfile.c
index 862aff2..64ce56b 100644
--- a/sal/osl/unx/tempfile.c
+++ b/sal/osl/unx/tempfile.c
@@ -49,53 +49,29 @@
 #include "file_url.h"
 #endif
  
-/*****************************************************************/
-/* osl_getTempFirURL                                             */
-/*****************************************************************/
-
 oslFileError SAL_CALL osl_getTempDirURL( rtl_uString** pustrTempDir )
 {
-#ifdef MACOSX
+    oslFileError error;
+    /* described in environ(7) */
     const char *pValue = getenv( "TMPDIR" );
 
-    /* If TMPDIR environment variable is not set, use "/tmp" instead
-       of P_tmpdir because its value is "/var/tmp" and it is not
-       deleted on system start up */
     if ( !pValue )
-        pValue = "/tmp";
-#else
-
-    const char *pValue = getenv( "TEMP" );
+        pValue = getenv( "TEMP" );
 
     if ( !pValue )
         pValue = getenv( "TMP" );
 
-#if defined(NETBSD)
-    if ( !pValue )
-        pValue = _PATH_TMP;
-#else
-    if ( !pValue )
-        pValue = P_tmpdir;
-#endif
-
     if ( !pValue )
         pValue = "/tmp";
-#endif /* MACOSX */
 
-    if ( pValue )
-    {
-        oslFileError error;
-        rtl_uString    *ustrTempPath = NULL;
+    rtl_uString        *ustrTempPath = NULL;
 
-        rtl_string2UString( &ustrTempPath, pValue, strlen( pValue ), osl_getThreadTextEncoding(), 
OSTRING_TO_OUSTRING_CVTFLAGS );
-        OSL_ASSERT(ustrTempPath != NULL);
-        error = osl_getFileURLFromSystemPath( ustrTempPath, pustrTempDir );
-        rtl_uString_release( ustrTempPath );
+    rtl_string2UString( &ustrTempPath, pValue, strlen( pValue ), osl_getThreadTextEncoding(), 
OSTRING_TO_OUSTRING_CVTFLAGS );
+    OSL_ASSERT(ustrTempPath != NULL);
+    error = osl_getFileURLFromSystemPath( ustrTempPath, pustrTempDir );
+    rtl_uString_release( ustrTempPath );
         
-        return error;
-    }
-    else
-        return osl_File_E_NOENT;
+    return error;
 }
 
 /******************************************************************

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.