crossystem: avoid TOCTOU issue

Found by Coverity Scan #57203 BUG=none BRANCH=none TEST=none Change-Id: Ic04d1c7c3299ee5f779e7a8cf0359a8a1a751b5b Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1815240 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: Patrick Georgi <pgeorgi@chromium.org> Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
author: Patrick Georgi <pgeorgi@google.com> 2019-09-20 22:03:58 +0200
committer: Commit Bot <commit-bot@chromium.org> 2019-09-26 15:30:19 +0000
commit: 8a966458f50afb2af475a9cb24fb817ac0383dfb (patch)
tree: 93946187c164c6053bf655e7d1b0e4c84b3dfcb8
parent: 14c01ac6c6e80b37e38c8b34d07e8501084ba2a8 (diff)
download: vboot-8a966458f50afb2af475a9cb24fb817ac0383dfb.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/host/arch/x86/lib/crossystem_arch.c b/host/arch/x86/lib/crossystem_arch.c
index 25d7a325..31510647 100644
--- a/host/arch/x86/lib/crossystem_arch.c
+++ b/host/arch/x86/lib/crossystem_arch.c
@@ -6,6 +6,7 @@
 #include <ctype.h>
 #include <dirent.h>
 #include <errno.h>
+#include <fcntl.h>
 #include <linux/nvram.h>
 #include <stddef.h>
 #include <stdint.h>
@@ -239,11 +240,15 @@ static uint8_t* VbGetBuffer(const char* filename, int* buffer_size)
 		int rv, i, real_size;
 		int parsed_size = 0;
 
-		rv = stat(filename, &fs);
+		int fd = open(filename, O_RDONLY);
+		if (fd == -1)
+			break;
+
+		rv = fstat(fd, &fs);
 		if (rv || !S_ISREG(fs.st_mode))
 			break;
 
-		f = fopen(filename, "r");
+		f = fdopen(fd, "r");
 		if (!f)
 			break;
author	Patrick Georgi <pgeorgi@google.com>	2019-09-20 22:03:58 +0200
committer	Commit Bot <commit-bot@chromium.org>	2019-09-26 15:30:19 +0000
commit	8a966458f50afb2af475a9cb24fb817ac0383dfb (patch)
tree	93946187c164c6053bf655e7d1b0e4c84b3dfcb8
parent	14c01ac6c6e80b37e38c8b34d07e8501084ba2a8 (diff)
download	vboot-8a966458f50afb2af475a9cb24fb817ac0383dfb.tar.gz