From 9c57576a4b89e513f003e390648c8af00b978e60 Mon Sep 17 00:00:00 2001
From: Loris Nardo
Date: Sat, 27 Jul 2024 18:40:23 +0200
Subject: [PATCH] open: Fix race condition when called with O_TRUNC
Fix a race condition in which a file opened with O_TRUNC is made available to other file functions expecting a file descriptor before the truncation is performed. This is only possible if the other thread was using an invalid file descriptor as the open call has yet to finish.
Closes #5109
---
 cpukit/libcsupport/src/open.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/cpukit/libcsupport/src/open.c b/cpukit/libcsupport/src/open.c
index 94a9f9a586..95de789cd2 100644
--- a/cpukit/libcsupport/src/open.c
+++ b/cpukit/libcsupport/src/open.c
@@ -142,16 +142,26 @@ static int do_open(
 rv = (*iop->pathinfo.handlers->open_h)( iop, path, oflag, mode );
 if ( rv == 0 ) {
- rtems_libio_iop_flags_set( iop, LIBIO_FLAGS_OPEN );
-
+ /*
+ * Postpone the setting of LIBIO_FLAGS_OPEN after the truncation of the
+ * file, this ensures that the file descriptor cannot be used or closed
+ * during or just before the truncation by some other thread.
+ */
 if ( truncate ) {
- rv = ftruncate( fd, 0 );
+ if ( write_access ) {
+ rv = (*iop->pathinfo.handlers->ftruncate_h)( iop, 0 );
+ } else {
+ rv = -1;
+ errno = EINVAL;
+ }
+
 if ( rv != 0 ) {
 (*iop->pathinfo.handlers->close_h)( iop );
 }
 }
 if ( rv == 0 ) {
+ rtems_libio_iop_flags_set( iop, LIBIO_FLAGS_OPEN );
 rv = fd;
 } else {
 rv = -1;
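Review bot: In the truncation failure path the `close_h` call runs right after `errno = EINVAL` (or after a failing `ftruncate_h`), and nothing in the hunk preserves errno across it, so if the close handler sets errno the caller of open() would see the wrong cause. Consider saving it around the cleanup: `int eno = errno;` before the `close_h` call and `errno = eno;` after it. Separately, the fix relies on `rtems_libio_iop_flags_set( iop, LIBIO_FLAGS_OPEN )` becoming visible to other processors only after the truncation has taken effect; the helper's memory ordering is not visible in this hunk and is worth confirming for SMP configurations. `write_access` is defined outside the hunk and do_open's body continues past it.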