author | Sylvestre Ledru <sylvestre@debian.org> | 2014-06-16 20:31:15 +0000 |
---|---|---|
committer | Sylvestre Ledru <sylvestre@debian.org> | 2014-06-16 20:31:15 +0000 |
commit | 4a2040bc0e31b797d1e666c14c969b49016d0dad (patch) | |
tree | 2d1f919f550fc15d1faccce5675b0cf573dfdd8e /tools | |
parent | e4d7f02c0699f734a9ea83e2dc4b5512f4700ec0 (diff) | |
Check that the directory does not exist.
Otherwise, it could allow local users to obtain sensitive information or
overwrite arbitrary files via a symlink attack on temporary directories with
predictable names.
Reported as CVE-2014-2893 ( https://security-tracker.debian.org/tracker/CVE-2014-2893 )
Found by Jakub Wilk
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@211051 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'tools')
-rwxr-xr-x | tools/scan-build/scan-build | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/tools/scan-build/scan-build b/tools/scan-build/scan-build index 862bd3a4ca..b740cd21e6 100755 --- a/tools/scan-build/scan-build +++ b/tools/scan-build/scan-build @@ -206,6 +206,12 @@ sub GetHTMLRunDir { else { $NewDir = "$Dir/$DateString-$RunNumber"; } + + # Make sure that the directory does not exist in order to avoid hijack. + if (-d $NewDir) { + DieDiag("The directory '$NewDir' already exists.\n"); + } + mkpath($NewDir); return $NewDir; } |
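Review bot: the `-d $NewDir` test and the `mkpath($NewDir)` call that follows it in GetHTMLRunDir are two separate steps, so the check is racy: a local user who creates `$NewDir` after the test but before `mkpath` runs is not detected, because (assuming this is File::Path's `mkpath`) it returns quietly when the directory is already there. Since the name is still built from `"$Dir/$DateString-$RunNumber"` and remains guessable, the window is small but real. Consider making creation itself the check: `mkpath($Dir)` for the parent, then a plain `mkdir($NewDir)` for the final component and `DieDiag` when it fails, since `mkdir` fails if the path already exists in any form (directory, file, or symlink, dangling or not). That also covers the dangling-symlink case explicitly instead of relying on `mkpath`'s error handling, which the `-d` test alone does not see because `-d` follows symlinks and is false when the target is missing. A short comment stating that the directory must be freshly created by this process, rather than only "does not exist", would document the intent for later changes.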