[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Weirdness with stat()

To: Jim Hull <imaginos@imaginos.net>
Subject: Re: Weirdness with stat()
From: Steve Schlaifer <steve@kihakkt.jetcafe.org>
Date: Tue, 4 Jul 2000 13:12:32 -0700 (PDT)
cc: kernel-audit@nl.linux.org
In-Reply-To: <Pine.LNX.4.20.0007041222010.1381-100000@rosebud.imaginos.net>
Sender: owner-kernel-audit@nl.linux.org

On Tue, 4 Jul 2000, Jim Hull wrote:
> [...]
>
> struct stat *st;
> 
>    stat(CONFIG, st);
>    if ((st->st_uid != 0) || (st->st_mode != 33152)) {
>       fprintf(stderr, "Unsecure modes on configuration files\n");
>       exit(1);
>    }
> 
> This worked with absolutly no problems on my laptop. I went to run it on
> my desktop (2.4.0-test2 SMP) and it started segfaulting. It wasn't
> segfaulting at the stat() call, it was segfaulting in weird places like a
> syslog() or a execv().
> 
> [...]
>
> Would this be my poor implementation of stat, or would this actually be a
> kernel bug.

Neither, this is a bad use of stat.  In this case, st is an uninitialized
pointer and you are having stat treat that as a pointer to some random
location in memory which it dutifully fills with the stat information.
Change your code to

struct stat st;              /* note not *st, just st */

stat(CONFIG, &st);           /* note &st not st */

and things will get much better.

		--Steve

  "We have a government of law, and government officials must
  be held accountable under the law."

    -- Judge Royce Lamberth
       U.S. District Court for the District of Columbia


Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/

Follow-Ups:
- Re: Weirdness with stat()
  - From: Jim Hull <imaginos@imaginos.net>

References:
- Weirdness with stat()
  - From: Jim Hull <imaginos@imaginos.net>

Prev by Date: Weirdness with stat()
Next by Date: Re: Weirdness with stat()
Prev by thread: Weirdness with stat()
Next by thread: Re: Weirdness with stat()
Index(es):
- Date
- Thread