diff options
author | Joseph Myers <joseph@codesourcery.com> | 2018-07-18 21:04:12 +0000 |
---|---|---|
committer | Joseph Myers <joseph@codesourcery.com> | 2018-07-18 21:04:12 +0000 |
commit | 5c112f1b62b6fca7348c64a004e9fc4cfdaca1ad (patch) | |
tree | 67ea596cd3c6810bb13df1fb6a1e0d2ae29f7120 /posix | |
parent | 6d90776dff7e70e08fa46f9cd7576dd0eeb06da2 (diff) | |
download | glibc-5c112f1b62b6fca7348c64a004e9fc4cfdaca1ad.tar.gz |
Avoid insecure usage of tmpnam in tests.
Various glibc testcases use tmpnam in ways subject to race conditions
(generate a temporary file name, then later open that file without
O_EXCL).
This patch fixes those tests to use mkstemp - generally a minimal
local fix to use mkstemp instead of tmpnam, rather than a larger fix
to use other testsuite infrastructure for temporary files. The
unchanged use of tmpnam in posix/wordexp-test.c would fail safe in the
event of a race (it's generating a name for use with mkdir rather than
for a file to be opened for writing).
Tested for x86_64.
* grp/tst_fgetgrent.c: Include <unistd.h>.
(main): Use mkstemp instead of tmpnam.
* io/test-utime.c (main): Likewise.
* posix/annexc.c (macrofile): Change to modifiable array.
(get_null_defines): Use mkstemp instead of tmpnam. Do not remove
macrofile here.
* posix/bug-getopt1.c: Include <stdlib.h>.
(do_test): Use mkstemp instead of tmpnam.
* posix/bug-getopt2.c: Include <stdlib.h>.
(do_test): Use mkstemp instead of tmpnam.
* posix/bug-getopt3.c: Include <stdlib.h>.
(do_test): Use mkstemp instead of tmpnam.
* posix/bug-getopt4.c: Include <stdlib.h>.
(do_test): Use mkstemp instead of tmpnam.
* posix/bug-getopt5.c: Include <stdlib.h>.
(do_test): Use mkstemp instead of tmpnam.
* stdio-common/bug7.c: Include <stdlib.h> and <unistd.h>.
(main): Use mkstemp instead of tmpnam.
* stdio-common/tst-fdopen.c: Include <stdlib.h>.
(main): Use mkstemp instead of tmpnam.
* stdio-common/tst-ungetc.c: Include <stdlib.h>.
(main): use mkstemp instead of tmpnam.
* stdlib/isomac.c (macrofile): Change to modifiable array.
(get_null_defines): Use mkstemp instead of tmpnam. Do not remove
macrofile here.
Diffstat (limited to 'posix')
-rw-r--r-- | posix/annexc.c | 14 | ||||
-rw-r--r-- | posix/bug-getopt1.c | 9 | ||||
-rw-r--r-- | posix/bug-getopt2.c | 9 | ||||
-rw-r--r-- | posix/bug-getopt3.c | 9 | ||||
-rw-r--r-- | posix/bug-getopt4.c | 9 | ||||
-rw-r--r-- | posix/bug-getopt5.c | 9 |
6 files changed, 40 insertions, 19 deletions
diff --git a/posix/annexc.c b/posix/annexc.c index fe3a600ed7..66768dbe2a 100644 --- a/posix/annexc.c +++ b/posix/annexc.c @@ -26,7 +26,7 @@ #define HEADER_MAX 256 -static const char *macrofile; +static char macrofile[] = "/tmp/annexc.XXXXXX"; /* <aio.h>. */ static const char *const aio_syms[] = @@ -657,6 +657,8 @@ main (int argc, char *argv[]) for (h = 0; h < NUMBER_OF_HEADERS; ++h) result |= check_header (&headers[h], ignore_list); + remove (macrofile); + /* The test suite should return errors but for now this is not practical. Give a warning and ask the user to correct the bugs. */ return result; @@ -712,7 +714,13 @@ get_null_defines (void) FILE *input; int first = 1; - macrofile = tmpnam (NULL); + int fd = mkstemp (macrofile); + if (fd == -1) + { + printf ("mkstemp failed: %m\n"); + exit (1); + } + close (fd); command = malloc (sizeof fmt + sizeof "/dev/null" + 2 * strlen (CC) + strlen (INC) + strlen (macrofile)); @@ -784,7 +792,6 @@ get_null_defines (void) } result[result_len] = NULL; fclose (input); - remove (macrofile); return (const char **) result; } @@ -879,7 +886,6 @@ check_header (const struct header *header, const char **except) result |= 1; } fclose (input); - remove (macrofile); for (i = 0; i < header->nsyms; ++i) if (found[i] == 0) diff --git a/posix/bug-getopt1.c b/posix/bug-getopt1.c index a47dc7e229..a5a37116d2 100644 --- a/posix/bug-getopt1.c +++ b/posix/bug-getopt1.c @@ -1,6 +1,7 @@ /* BZ 11039 */ #include <unistd.h> #include <stdio.h> +#include <stdlib.h> static int one_test (const char *fmt, int argc, char *argv[], int expected[argc - 1]) @@ -39,12 +40,14 @@ one_test (const char *fmt, int argc, char *argv[], int expected[argc - 1]) static int do_test (void) { - char *fname = tmpnam (NULL); - if (fname == NULL) + char fname[] = "/tmp/bug-getopt1.XXXXXX"; + int fd = mkstemp (fname); + if (fd == -1) { - puts ("cannot generate name for temporary file"); + printf ("mkstemp failed: %m\n"); return 1; } + close (fd); if (freopen (fname, "w+", stderr) == NULL) { diff --git a/posix/bug-getopt2.c b/posix/bug-getopt2.c index 93c3035ccd..8f92f0c6ee 100644 --- a/posix/bug-getopt2.c +++ b/posix/bug-getopt2.c @@ -1,6 +1,7 @@ /* BZ 11039 */ #include <unistd.h> #include <stdio.h> +#include <stdlib.h> static int one_test (const char *fmt, int argc, char *argv[], int expected[argc - 1]) @@ -37,12 +38,14 @@ one_test (const char *fmt, int argc, char *argv[], int expected[argc - 1]) static int do_test (void) { - char *fname = tmpnam (NULL); - if (fname == NULL) + char fname[] = "/tmp/bug-getopt2.XXXXXX"; + int fd = mkstemp (fname); + if (fd == -1) { - puts ("cannot generate name for temporary file"); + printf ("mkstemp failed: %m\n"); return 1; } + close (fd); if (freopen (fname, "w+", stderr) == NULL) { diff --git a/posix/bug-getopt3.c b/posix/bug-getopt3.c index c3a8cb225b..45a8d3ec3d 100644 --- a/posix/bug-getopt3.c +++ b/posix/bug-getopt3.c @@ -2,6 +2,7 @@ #include <getopt.h> #include <unistd.h> #include <stdio.h> +#include <stdlib.h> static const struct option opts[] = { @@ -48,12 +49,14 @@ one_test (const char *fmt, int argc, char *argv[], int n, int expected[n], static int do_test (void) { - char *fname = tmpnam (NULL); - if (fname == NULL) + char fname[] = "/tmp/bug-getopt3.XXXXXX"; + int fd = mkstemp (fname); + if (fd == -1) { - puts ("cannot generate name for temporary file"); + printf ("mkstemp failed: %m\n"); return 1; } + close (fd); if (freopen (fname, "w+", stderr) == NULL) { diff --git a/posix/bug-getopt4.c b/posix/bug-getopt4.c index 0956ca57fb..c5e3c1497a 100644 --- a/posix/bug-getopt4.c +++ b/posix/bug-getopt4.c @@ -2,6 +2,7 @@ #include <getopt.h> #include <unistd.h> #include <stdio.h> +#include <stdlib.h> static const struct option opts[] = { @@ -52,12 +53,14 @@ one_test (const char *fmt, int argc, char *argv[], int n, int expected[n]) static int do_test (void) { - char *fname = tmpnam (NULL); - if (fname == NULL) + char fname[] = "/tmp/bug-getopt4.XXXXXX"; + int fd = mkstemp (fname); + if (fd == -1) { - puts ("cannot generate name for temporary file"); + printf ("mkstemp failed: %m\n"); return 1; } + close (fd); if (freopen (fname, "w+", stderr) == NULL) { diff --git a/posix/bug-getopt5.c b/posix/bug-getopt5.c index ed2639d35b..4f67d9b2ec 100644 --- a/posix/bug-getopt5.c +++ b/posix/bug-getopt5.c @@ -2,6 +2,7 @@ #include <getopt.h> #include <unistd.h> #include <stdio.h> +#include <stdlib.h> static const struct option opts[] = { @@ -47,12 +48,14 @@ one_test (const char *fmt, int argc, char *argv[], int n, int expected[n]) static int do_test (void) { - char *fname = tmpnam (NULL); - if (fname == NULL) + char fname[] = "/tmp/bug-getopt5.XXXXXX"; + int fd = mkstemp (fname); + if (fd == -1) { - puts ("cannot generate name for temporary file"); + printf ("mkstemp failed: %m\n"); return 1; } + close (fd); if (freopen (fname, "w+", stderr) == NULL) { |