On Wed, 15 Oct 2014, Christos Zoulas wrote:
Modified Files:
src/bin/sh: redir.c
Log Message:
PR/48201: Miwa Susumu: Fix set -C (no clobber) for POSIX; from FreeBSD
Can't use O_EXCL because of device nodes; also truncate.
There are some TOCTOU races in this code, where something about
the file could change in between the stat() and the open().
Some ideas:
1. Keep the new code, with its races, but also verify that st_dev
and st_ino values remain unchanged between the stat() before
opening the file, and fstat() after opening the file.
2. Try open() with O_EXCL first, and fall back to racy code with
stat() only if the first open(O_EXCL) fails. Also use fstat() to
check that st_dev/st_ino do not change.
3. Invent one or more open(2) flags, such as O_SPECIAL for "must
be a device or other special file, must not be a plain file or a
directory". First try open(O_EXCL), and if that fails then try
open(O_SPECIAL).
--apb (Alan Barrett)
