[src/trunk]: src/usr.sbin/syslogd CID 1128379: Fix TOCTOU, always open the fi...

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/abd75b81bebf
branches:  trunk
changeset: 791278:abd75b81bebf
user:      christos <christos%NetBSD.org@localhost>
date:      Mon Nov 11 16:39:21 2013 +0000

description:
CID 1128379: Fix TOCTOU, always open the file first with non-blocking I/O,
do that stat later and leave the file as non-blocking because it does not
make a difference for plain files.

diffstat:

 usr.sbin/syslogd/syslogd.c |  21 ++++++++++-----------
 1 files changed, 10 insertions(+), 11 deletions(-)

diffs (53 lines):

diff -r 8620754da179 -r abd75b81bebf usr.sbin/syslogd/syslogd.c
--- a/usr.sbin/syslogd/syslogd.c        Mon Nov 11 16:32:10 2013 +0000
+++ b/usr.sbin/syslogd/syslogd.c        Mon Nov 11 16:39:21 2013 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: syslogd.c,v 1.117 2013/11/09 19:00:18 christos Exp $   */
+/*     $NetBSD: syslogd.c,v 1.118 2013/11/11 16:39:21 christos Exp $   */
 
 /*
  * Copyright (c) 1983, 1988, 1993, 1994
@@ -39,7 +39,7 @@
 #if 0
 static char sccsid[] = "@(#)syslogd.c  8.3 (Berkeley) 4/4/94";
 #else
-__RCSID("$NetBSD: syslogd.c,v 1.117 2013/11/09 19:00:18 christos Exp $");
+__RCSID("$NetBSD: syslogd.c,v 1.118 2013/11/11 16:39:21 christos Exp $");
 #endif
 #endif /* not lint */
 
@@ -3898,26 +3898,25 @@
                        f->f_flags |= FFLAG_SIGN;
 #endif /* !DISABLE_SIGN */
                (void)strlcpy(f->f_un.f_fname, p, sizeof(f->f_un.f_fname));
-               if (!stat(p, &sb) && S_ISFIFO(sb.st_mode)) {
+               if ((f->f_file = open(p, O_WRONLY|O_APPEND|O_NONBLOCK, 0)) < 0)
+               {
+                       f->f_type = F_UNUSED;
+                       logerror("%s", p);
+                       break;
+               }
+               if (!fstat(f->f_file, &sb) && S_ISFIFO(sb.st_mode)) {
                        f->f_file = -1;
                        f->f_type = F_FIFO;
                        break;
                }
 
-               if ((f->f_file = open(p, O_WRONLY|O_APPEND, 0)) < 0) {
-                       f->f_type = F_UNUSED;
-                       logerror("%s", p);
-                       break;
-               }
                if (isatty(f->f_file)) {
                        f->f_type = F_TTY;
                        if (strcmp(p, ctty) == 0)
                                f->f_type = F_CONSOLE;
-                       if (fcntl(f->f_file, F_SETFL, O_NONBLOCK) == -1)
-                               logerror("Warning: cannot change tty fd for"
-                                   " `%s' to non-blocking.", p);
                } else
                        f->f_type = F_FILE;
+
                if (syncfile)
                        f->f_flags |= FFLAG_SYNC;
                break;