| vzctl: race condition at open("/sbin/init") [message #47277] |
Wed, 25 July 2012 19:07  |
Vasily Kulikov
Messages: 2
Registered: July 2012
|
Junior Member |
|
|
Hi,
stat()+open() is not atomic in the code below, so there is a race
condition. A container root may change /sbin/init between these calls
to e.g. FIFO and then make the vzctl's process hang up on read().
I'd add O_NOCTTY to open's flags and change stat() before open() to
fstat() just after open().
vzctl-3.3/src/lib/readelf.c:
int get_arch_from_elf(const char *file)
{
...
if (stat(file, &st)) <<<<<
return -1;
if (!S_ISREG(st.st_mode))
return -1;
fd = open(file, O_RDONLY); <<<<<
if (fd < 0)
return -1;
nbytes = read(fd, (void *) &elf_hdr, sizeof(elf_hdr));
...
}
Thanks,
--
Vasily
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
