** Changed in: compiz
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to compiz in Ubuntu.
https://bugs.launchpad.net/bugs/1101608

Title:
  Coverity TOCTOU - CID 12544 -
  compizconfig/libcompizconfig/src/compiz.cpp - in function:
  loadOptionsStringExtensionsFromXML(_CCSPlugin *, void *, stat *) -
  Calling function "stat(char const *, stat *)" to perform check on
  "pPrivate->xmlFile" in line 3174, 3 lines later calling function
  "fopen(char const *, char const *)" that uses "pPrivate->xmlFile"
  after a check function. This can cause a time-of-check, time-of-use
  race condition.

Status in Compiz:
  Fix Released
Status in Compiz 0.9.9 series:
  Won't Fix
Status in compiz package in Ubuntu:
  Fix Released

Bug description:
  This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https://wiki.ubuntu.com/CanonicalProductStrategy/Coverity
  CID: 12544
  Checker: TOCTOU
  Category: No category available
  CWE definition: http://cwe.mitre.org/data/definitions/367.html
  File: /tmp/buildd/compiz-0.9.9~daily13.01.14/compizconfig/libcompizconfig/src/compiz.cpp
  Function: loadOptionsStringExtensionsFromXML(_CCSPlugin *, void *, stat *)
  Code snippet:
  3170     xmlDoc *doc = NULL;
  3171     xmlNode **nodes;
  3172     int num;
  3173 
  CID 12544 - TOCTOU
  Calling function "stat(char const *, stat *)" to perform check on "pPrivate->xmlFile".
  3174     if (stat (pPrivate->xmlFile, xmlStat))
  3175         return;
  3176 
  CID 12544 - TOCTOU
  Calling function "fopen(char const *, char const *)" that uses "pPrivate->xmlFile" after a check function. This can cause a time-of-check, time-of-use race condition.
  3177     FILE *fp = fopen (pPrivate->xmlFile, "r");
  3178     if (!fp)
  3179         return;

To manage notifications about this bug go to:
https://bugs.launchpad.net/compiz/+bug/1101608/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp
