Closed
Bug 1232942
Opened 9 years ago
Closed 8 years ago
[CID 1213980] NSS TOCTOU
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(firefox46 affected)
RESOLVED
INVALID
Tracking | Status | |
---|---|---|
firefox46 | --- | affected |
People
(Reporter: franziskus, Unassigned)
References
Details
(Keywords: coverity, Whiteboard: CID1213980)
os_stat(dbname, &stat_existing) and usage of dbname/file_mode in the following code yield possible TOCTOU.
utilmod.c:503
> /* get the permissions of the existing file, or use the default */
> if (!os_stat(dbname, &stat_existing)) {
> file_mode = stat_existing.st_mode;
> } else {
> file_mode = os_open_permissions_default;
> }
>
> /* do we really want to use streams here */
> fd = fopen(dbname, "r");
> if (fd == NULL) goto loser;
>
> fd2 = lfopen(dbname2, lfopen_truncate, file_mode);
I don't think this is a problem. At worst something could get the wrong permissions, but if an attacker could modify file permissions, they can do much worse.
Reporter | ||
Comment 2•8 years ago
|
||
I agree with David. Marking this as false positive.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INVALID
Updated•8 years ago
|
Group: crypto-core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•