fs_mkdirs: use O_NOFOLLOW and O_CLOEXEC
Don't follow symlinks. Suggestion from Jann Horn. Also, add O_CLOEXEC. This prevents file descriptor leakage should this code ever run in a multithreaded environment. I'm not sure if either of these changes actually address any security concerns, but it's harmless, so go ahead and add it. Bug: 15675141 Change-Id: I7ba4e9d10439b7150f59759b54e3ad8ccba411e3
This commit is contained in:
parent
e5fdfcdcb4
commit
30a86ebc7a
|
@ -212,7 +212,7 @@ int fs_mkdirs(const char* path, mode_t mode) {
|
|||
|
||||
/* Yay, segment is ready for us to step into */
|
||||
int next_fd;
|
||||
if ((next_fd = openat(fd, segment, 0)) == -1) {
|
||||
if ((next_fd = openat(fd, segment, O_NOFOLLOW | O_CLOEXEC)) == -1) {
|
||||
ALOGE("Failed to openat(%s): %s", buf, strerror(errno));
|
||||
res = -errno;
|
||||
goto done_close;
|
||||
|
|
Loading…
Reference in New Issue