...
| Code Block | ||
|---|---|---|
| ||
struct stat lstat_info;
int fd;
if (lstat("some_file", &lstat_info) == -1) {
/* handle error */
}
if (!S_ISLNK(lstat_info.st_mode)) {
if ((fd = open("some_file", O_EXCL|O_RDWR, 0600)) == -1) {
/* handle error */
}
}
write(fd, userbuf, userlen);
|
Compliant Solution (Linux 2.1.26+ and FreeBSD)
Some systems provide the O_NOFOLLOW flag to help mitigate this problem. If the supplied pathname is a symbolic link, then the open will fail.
| Code Block | ||
|---|---|---|
| ||
int fd;
if ((fd = open("some_file", O_EXCL|O_RDWR|O_NOFOLLOW, 0600)) == -1) {
/* handle error */
}
write(fd, userbuf, userlen);
|
Compliant Solution
This compliant solution properly checks for the existence of a link and eliminates the race condition.
...