From 4967b25b95d839bff71d63d2b1544de026391fef Mon Sep 17 00:00:00 2001
From: Collin
Date: Thu, 26 Jun 2025 19:34:54 -0500
Subject: [PATCH 1/4] Update log.c to Solve High CodeQL alert Time-of-check time-of-use filesystem race condition Fixes a bug found in how log files worked. Feel free to make any changes.
---
 os/log.c | 31 +++++++++++++++++--------------
 1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/os/log.c b/os/log.c
index 60837b10d..09bad3289 100644
--- a/os/log.c
+++ b/os/log.c
@@ -178,24 +178,27 @@ LogFilePrep(const char *fname, const char *backup, const char *idstring)
 if (asprintf(&logFileName, fname, idstring) == -1)
 FatalError("Cannot allocate space for the log file name\n");

- if (backup && *backup) {
- struct stat buf;
+ int fd = open(logFileName, O_RDWR | O_NOFOLLOW);Add commentMore actions
+ if (fd != -1) {
+ struct stat buf;
+ if (fstat(fd, &buf) == 0 && S_ISREG(buf.st_mode)) {
+ char *suffix;
+ char *oldLog;

- if (!stat(logFileName, &buf) && S_ISREG(buf.st_mode)) {
- char *suffix;
- char *oldLog;
+ if ((asprintf(&suffix, backup, idstring) == -1) ||
+ (asprintf(&oldLog, "%s%s", logFileName, suffix) == -1)) {
+ FatalError("Cannot allocate space for the log file name\n");
+ }
+ free(suffix);

- if ((asprintf(&suffix, backup, idstring) == -1) ||
- (asprintf(&oldLog, "%s%s", logFileName, suffix) == -1)) {
- FatalError("Cannot allocate space for the log file name\n");
- }
- free(suffix);
-
- if (rename(logFileName, oldLog) == -1) {
- FatalError("Cannot move old log file \"%s\" to \"%s\"\n",
- logFileName, oldLog);
+ if (renameat(AT_FDCWD, logFileName, AT_FDCWD, oldLog) == -1) {
+ FatalError("Cannot move old log file \"%s\" to \"%s\"\n",
+ logFileName, oldLog);
+ }
+ free(oldLog);
 }
 free(oldLog);
+ close(fd);
 }
 }
 else {
From 9550c28e6efd7f517e441be848dabdb2da32c4fd Mon Sep 17 00:00:00 2001
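Review bot: In PATCH 1/4 the `renameat(AT_FDCWD, logFileName, AT_FDCWD, oldLog)` call still resolves `logFileName` by path, exactly as `rename()` did, so it is not bound to the descriptor that `fstat()` just checked and the check-to-use window named in the alert is still open. Opening the log directory once and passing that descriptor to both `fstatat(dirfd, name, &buf, AT_SYMLINK_NOFOLLOW)` and `renameat(dirfd, name, dirfd, oldname)` would at least anchor the check and the rename to the same directory, so intermediate path components cannot be swapped between them. This hunk also removes the `if (backup && *backup)` guard while still using `backup` as the `asprintf` format, and leaves a second `free(oldLog);` after the block that declares `oldLog`; both are only corrected in PATCH 4/4, so squashing the series would keep every commit buildable. `LogFilePrep` starts and ends outside the hunk.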
From: Collin
Date: Thu, 26 Jun 2025 21:14:02 -0500
Subject: [PATCH 2/4] Update os/log.c this cleans up comments
Co-authored-by: Vedraj Gawas
---
 os/log.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/os/log.c b/os/log.c
index 09bad3289..2f4a1d217 100644
--- a/os/log.c
+++ b/os/log.c
@@ -178,7 +178,7 @@ LogFilePrep(const char *fname, const char *backup, const char *idstring)
 if (asprintf(&logFileName, fname, idstring) == -1)
 FatalError("Cannot allocate space for the log file name\n");

- int fd = open(logFileName, O_RDWR | O_NOFOLLOW);Add commentMore actions
+ int fd = open(logFileName, O_RDWR | O_NOFOLLOW);
 if (fd != -1) {
 struct stat buf;
 if (fstat(fd, &buf) == 0 && S_ISREG(buf.st_mode)) {
From cd336613b611f0a027f01e63f8af2a6577bc1571 Mon Sep 17 00:00:00 2001
From: Collin
Date: Fri, 27 Jun 2025 04:57:54 -0500
Subject: [PATCH 3/4] Update log.c
From 20e158f076ee5d9a04456441158155925b1de4ee Mon Sep 17 00:00:00 2001
From: Collin
Date: Fri, 27 Jun 2025 06:09:32 -0500
Subject: [PATCH 4/4] Update log.c
---
 os/log.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/os/log.c b/os/log.c
index 2f4a1d217..decfeaaa2 100644
--- a/os/log.c
+++ b/os/log.c
@@ -178,6 +178,7 @@ LogFilePrep(const char *fname, const char *backup, const char *idstring)
 if (asprintf(&logFileName, fname, idstring) == -1)
 FatalError("Cannot allocate space for the log file name\n");

+ if (backup && *backup) {
 int fd = open(logFileName, O_RDWR | O_NOFOLLOW);
 if (fd != -1) {
 struct stat buf;
@@ -197,7 +198,6 @@ LogFilePrep(const char *fname, const char *backup, const char *idstring)
 }
 free(oldLog);
 }
- free(oldLog);
 close(fd);
 }
 }
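Review bot: The `open()` on the `+` line of PATCH 2/4 requests `O_RDWR` although the descriptor is only passed to `fstat()` and `close()`, so a log file that is readable but not writable now skips the backup silently, and opening a FIFO or device node read-write can have side effects before `S_ISREG` is checked. `int fd = open(logFileName, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);` asks for no more than the check needs. When `open()` fails for a reason other than `ENOENT` (for example `ELOOP` from `O_NOFOLLOW`), nothing is reported and the function carries on with the same path; what it does with `logFileName` afterwards is outside the hunk, but a warning on that branch would make a symlink at the log path visible to the operator. The hunk does not show an added `#include <fcntl.h>`, which these flags and `AT_FDCWD` need if the file does not already include it.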
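Review bot: The lines under the re-added `if (backup && *backup) {` in the first hunk of PATCH 4/4 are unchanged context, so they apparently keep the indentation they had without the guard and the new nesting is not reflected in the layout. Re-indenting the body one level and adding a short comment such as `/* O_NOFOLLOW: refuse to back up through a symlink at the log path */` above the `open()` would make the intent of the descriptor check clear to the next reader. The second hunk's removal of the stray `free(oldLog);` is consistent with PATCH 1/4, where `oldLog` is declared inside the `fstat` block and already freed there.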