
ucm: fix TOCTOU race condition

Open szsam opened this issue 2 years ago • 0 comments

Separately checking the state of a file before operating on it may allow an attacker to modify the file between the two operations. Fix by calling readlink first. If that fails, then path should not be a symbolic link and we call open() followed by fstat(). open() with O_NOFOLLOW will return an error if the file is a symlink.

szsam, Nov 16 '23 20:11
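The check order described in the issue above, as an added C example that is not alsa-lib's code or the proposed patch: `classify_path`, `run_demo` and the `path_kind` enum are hypothetical names, and the temporary directory, file and symlink are a constructed fixture.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
enum path_kind { PK_ERROR = -1, PK_SYMLINK, PK_REGULAR, PK_DIR, PK_OTHER };
/* Hypothetical helper (not alsa-lib code): readlink() first, then
 * open(O_NOFOLLOW) + fstat(). On a non-symlink result *fd_out is open. */
enum path_kind classify_path(const char *path, char *target, size_t tlen, int *fd_out)
{
    struct stat st;
    ssize_t n = readlink(path, target, tlen - 1);
    if (n >= 0) {                 /* success: path is a symlink */
        target[n] = '\0';
        return PK_SYMLINK;
    }
    if (errno != EINVAL) return PK_ERROR;  /* EINVAL: exists, not a symlink */
    /* A symlink swapped in after readlink() makes this open() fail; note
     * O_NOFOLLOW only guards the final path component. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0) return PK_ERROR;
    /* fstat() describes the object actually opened, not the name. */
    if (fstat(fd, &st) < 0) { close(fd); return PK_ERROR; }
    *fd_out = fd;                 /* caller keeps using this descriptor */
    return S_ISREG(st.st_mode) ? PK_REGULAR : S_ISDIR(st.st_mode) ? PK_DIR : PK_OTHER;
}

/* Constructed fixture: temp dir with a file and a symlink; returns 0 if all checks hold. */
int run_demo(void)
{
    char dir[] = "/tmp/toctou-XXXXXX", file[64], lnk[64], tgt[64];
    int fd = -1, bad = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(file, sizeof file, "%s/conf", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    fd = open(file, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (fd < 0 || symlink("conf", lnk) < 0) return -1;
    close(fd); fd = -1;
    bad |= classify_path(lnk, tgt, sizeof tgt, &fd) != PK_SYMLINK;
    bad |= classify_path(file, tgt, sizeof tgt, &fd) != PK_REGULAR || fd < 0;
    if (fd >= 0) close(fd);
    fd = open(lnk, O_RDONLY | O_NOFOLLOW);  /* second step alone rejects the link */
    bad |= fd >= 0; if (fd >= 0) close(fd);
    unlink(lnk); unlink(file); rmdir(dir);
    return bad;
}
```

The descriptor returned through `fd_out` is the one to read from afterwards; reopening the path by name would reintroduce the window.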