From 2fc7a2712f44de68b0fade4badb07ce9ea07ed16 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Petr=20=C5=A0tetiar?= Date: Wed, 31 Jul 2019 14:07:11 +0200 Subject: [PATCH] firmware-utils: uimage_padhdr: fix Coverity issue MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Fixes following issue reported by Coverity scan: *** CID 1452085: Security best practices violations (TOCTOU) /tools/firmware-utils/src/uimage_padhdr.c: 100 in main() 94 95 if (!infname || !outfname) { 96 usage(argv[0]); 97 exit(1); 98 } 99 >>> CID 1452085: Security best practices violations (TOCTOU) >>> Calling function "stat" to perform check on "infname". 100 if (stat(infname, &statbuf) < 0) { Fixes: a1c6a316d299 ("ramips: add support for Fon FON2601") Signed-off-by: Petr Å tetiar --- src/uimage_padhdr.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/uimage_padhdr.c b/src/uimage_padhdr.c index b5fb97d..d1a1efb 100644 --- a/src/uimage_padhdr.c +++ b/src/uimage_padhdr.c @@ -97,18 +97,6 @@ int main(int argc, char *argv[]) exit(1); } - if (stat(infname, &statbuf) < 0) { - fprintf(stderr, - "could not find input file. (errno = %d)\n", errno); - exit(1); - } - - filebuf = malloc(statbuf.st_size + padsz); - if (!filebuf) { - fprintf(stderr, "buffer allocation failed\n"); - exit(1); - } - ifd = open(infname, O_RDONLY); if (ifd < 0) { fprintf(stderr, @@ -123,6 +111,18 @@ int main(int argc, char *argv[]) exit(1); } + if (fstat(ifd, &statbuf) < 0) { + fprintf(stderr, + "could not fstat input file. (errno = %d)\n", errno); + exit(1); + } + + filebuf = malloc(statbuf.st_size + padsz); + if (!filebuf) { + fprintf(stderr, "buffer allocation failed\n"); + exit(1); + } + rsz = read(ifd, filebuf, sizeof(*imgh)); if (rsz != sizeof(*imgh)) { fprintf(stderr, -- 2.30.2