projects
/
lttng-tools.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix: sessiond: TOCTOU error on save of session configuration
[lttng-tools.git]
/
src
/
bin
/
lttng-sessiond
/
save.c
diff --git
a/src/bin/lttng-sessiond/save.c
b/src/bin/lttng-sessiond/save.c
index b9bcc666d797cf0bb97fc0ec88c5eff2e508a141..43e76c0b60df13f7fa2ec725c2f22b9d5eb8e2c1 100644
(file)
--- a/
src/bin/lttng-sessiond/save.c
+++ b/
src/bin/lttng-sessiond/save.c
@@
-115,6
+115,13
@@
int save_kernel_channel_attributes(struct config_writer *writer,
if (ret) {
goto end;
}
if (ret) {
goto end;
}
+
+ ret = config_writer_write_element_signed_int(writer,
+ config_element_blocking_timeout,
+ ext->blocking_timeout);
+ if (ret) {
+ goto end;
+ }
}
end:
}
end:
@@
-171,6
+178,13
@@
int save_ust_channel_attributes(struct config_writer *writer,
goto end;
}
goto end;
}
+ ret = config_writer_write_element_signed_int(writer,
+ config_element_blocking_timeout,
+ attr->u.s.blocking_timeout);
+ if (ret) {
+ goto end;
+ }
+
/*
* Fetch the monitor timer which is located in the parent of
* lttng_ust_channel_attr
/*
* Fetch the monitor timer which is located in the parent of
* lttng_ust_channel_attr
@@
-201,13
+215,13
@@
const char *get_kernel_instrumentation_string(
instrumentation_string = config_event_type_tracepoint;
break;
case LTTNG_KERNEL_KPROBE:
instrumentation_string = config_event_type_tracepoint;
break;
case LTTNG_KERNEL_KPROBE:
- instrumentation_string = config_event_type_
k
probe;
+ instrumentation_string = config_event_type_probe;
break;
case LTTNG_KERNEL_FUNCTION:
break;
case LTTNG_KERNEL_FUNCTION:
- instrumentation_string = config_event_type_function;
+ instrumentation_string = config_event_type_function
_entry
;
break;
case LTTNG_KERNEL_KRETPROBE:
break;
case LTTNG_KERNEL_KRETPROBE:
- instrumentation_string = config_event_type_
kretprobe
;
+ instrumentation_string = config_event_type_
function
;
break;
case LTTNG_KERNEL_NOOP:
instrumentation_string = config_event_type_noop;
break;
case LTTNG_KERNEL_NOOP:
instrumentation_string = config_event_type_noop;
@@
-1876,13
+1890,13
@@
static
int save_session(struct ltt_session *session,
struct lttng_save_session_attr *attr, lttng_sock_cred *creds)
{
int save_session(struct ltt_session *session,
struct lttng_save_session_attr *attr, lttng_sock_cred *creds)
{
- int ret, fd;
- unsigned int file_opened = 0; /* Indicate if the file has been opened */
- char config_file_path[PATH_MAX];
+ int ret, fd = -1;
+ char config_file_path[LTTNG_PATH_MAX];
size_t len;
struct config_writer *writer = NULL;
size_t session_name_len;
const char *provided_path;
size_t len;
struct config_writer *writer = NULL;
size_t session_name_len;
const char *provided_path;
+ int file_open_flags = O_CREAT | O_WRONLY | O_TRUNC;
assert(session);
assert(attr);
assert(session);
assert(attr);
@@
-1906,7
+1920,7
@@
int save_session(struct ltt_session *session,
ret = LTTNG_ERR_SET_URL;
goto end;
}
ret = LTTNG_ERR_SET_URL;
goto end;
}
- strncpy(config_file_path, provided_path,
len
);
+ strncpy(config_file_path, provided_path,
sizeof(config_file_path)
);
} else {
ssize_t ret_len;
char *home_dir = utils_get_user_home_dir(
} else {
ssize_t ret_len;
char *home_dir = utils_get_user_home_dir(
@@
-1950,27
+1964,34
@@
int save_session(struct ltt_session *session,
* was done just above.
*/
config_file_path[len++] = '/';
* was done just above.
*/
config_file_path[len++] = '/';
- strncpy(config_file_path + len, session->name, s
ession_name_
len);
+ strncpy(config_file_path + len, session->name, s
izeof(config_file_path) -
len);
len += session_name_len;
strcpy(config_file_path + len, DEFAULT_SESSION_CONFIG_FILE_EXTENSION);
len += sizeof(DEFAULT_SESSION_CONFIG_FILE_EXTENSION);
config_file_path[len] = '\0';
len += session_name_len;
strcpy(config_file_path + len, DEFAULT_SESSION_CONFIG_FILE_EXTENSION);
len += sizeof(DEFAULT_SESSION_CONFIG_FILE_EXTENSION);
config_file_path[len] = '\0';
- if (!access(config_file_path, F_OK) && !attr->overwrite) {
- /* File exists, notify the user since the overwrite flag is off. */
- ret = LTTNG_ERR_SAVE_FILE_EXIST;
- goto end;
+ if (!attr->overwrite) {
+ file_open_flags |= O_EXCL;
}
}
- fd = run_as_open(config_file_path,
O_CREAT | O_WRONLY | O_TRUNC
,
+ fd = run_as_open(config_file_path,
file_open_flags
,
S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP,
LTTNG_SOCK_GET_UID_CRED(creds), LTTNG_SOCK_GET_GID_CRED(creds));
if (fd < 0) {
PERROR("Could not create configuration file");
S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP,
LTTNG_SOCK_GET_UID_CRED(creds), LTTNG_SOCK_GET_GID_CRED(creds));
if (fd < 0) {
PERROR("Could not create configuration file");
- ret = LTTNG_ERR_SAVE_IO_FAIL;
+ switch (errno) {
+ case EEXIST:
+ ret = LTTNG_ERR_SAVE_FILE_EXIST;
+ break;
+ case EACCES:
+ ret = LTTNG_ERR_EPERM;
+ break;
+ default:
+ ret = LTTNG_ERR_SAVE_IO_FAIL;
+ break;
+ }
goto end;
}
goto end;
}
- file_opened = 1;
writer = config_writer_create(fd, 1);
if (!writer) {
writer = config_writer_create(fd, 1);
if (!writer) {
@@
-2075,12
+2096,12
@@
end:
}
if (ret) {
/* Delete file in case of error */
}
if (ret) {
/* Delete file in case of error */
- if (
file_opened
&& unlink(config_file_path)) {
+ if (
(fd >= 0)
&& unlink(config_file_path)) {
PERROR("Unlinking XML session configuration.");
}
}
PERROR("Unlinking XML session configuration.");
}
}
- if (f
ile_opened
) {
+ if (f
d >= 0
) {
ret = close(fd);
if (ret) {
PERROR("Closing XML session configuration");
ret = close(fd);
if (ret) {
PERROR("Closing XML session configuration");
This page took
0.047913 seconds
and
4
git commands to generate.