This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: cygwin1.dll bug in open(O_EXCL)

Hash: SHA1

According to Corinna Vinschen on 8/24/2007 8:56 AM:
>> According to POSIX, this should have failed with EEXIST, and oops should
>> not have been created.
> If I understand this right, it means that O_EXCL implies not following
> symlinks.  I've applied a matching patch to CVS.  Please give it a try.

Looks like that got it.  Once cygwin 1.7.0 comes out, I will revert my
hack to tar-1.18-2 (I had to add a non-atomic lstat prior to the
open(O_CREAT|O_EXCL) to check for the existence of symlinks; it fixes the
original bug in tar behavior, but adds an alternate bug in the form of a
small race window where a malicious symlink could be injected between the
lstat and open).

As a side effect of your change, open("broken_symlink", O_RDWR|O_EXCL) now
fails with EACCES instead of ENOENT, but since POSIX leaves O_EXCL without
O_CREAT as undefined behavior, I'm not too worried (I checked this case,
because your patch made it so that the code path actually defers to
fhandler::open on a symlink, whereas before it did not; I don't care what
the error is, as long as it is not possible to grab an fd on a raw
unfollowed symlink).

- --
Don't work too hard, make some time for fun as well!

Eric Blake   
Version: GnuPG v1.4.5 (Cygwin)
Comment: Public key at
Comment: Using GnuPG with Mozilla -


Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]