test/pkcs7: Fix TOCTOU race condition

Separately checking the state of a file before operating on it may allow
an attacker to modify the file between the two operations. (CWE-367)

Signed-off-by: Mingjie Shen <shen497@purdue.edu>
Mingjie Shen 2024-03-05 19:10:06 -05:00
parent 31403a4ca8
commit 9f80b23edb

@ -121,12 +121,12 @@ void pkcs7_verify(char *pkcs7_file,
TEST_EQUAL(res, 0);
}
res = stat(filetobesigned, &st);
TEST_EQUAL(res, 0);
file = fopen(filetobesigned, "rb");
TEST_ASSERT(file != NULL);
res = fstat(fileno(file), &st);
TEST_EQUAL(res, 0);
datalen = st.st_size;
/* Special-case for zero-length input so that data will be non-NULL */
TEST_CALLOC(data, datalen == 0 ? 1 : datalen);
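Review bot: at `datalen = st.st_size;` the size returned by fstat() goes straight into TEST_CALLOC with no validation. st_size is a signed off_t and is only meaningful for regular files, so consider asserting S_ISREG(st.st_mode) and that st.st_size is non-negative and fits the type of datalen before allocating. Using fstat(fileno(file), &st) on the already-open stream does bind the size to the file that was opened rather than to the path, which addresses the CWE-367 window named in the commit message. The file's length can still change after this point, though, so whatever read follows this hunk should compare the byte count it actually gets against datalen instead of assuming they match. A short comment above the fstat() call explaining why it must stay after fopen() would help keep a later cleanup from reintroducing the path-based stat().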