lib/utmp: merge file access
Avoid checking if the file exists before opening it. Resolves a CodeQL report of Time-of-check time-of-use filesystem race condition.
This commit is contained in:
Christian Göttsche
committed by
Serge Hallyn
Serge Hallyn
parent
0d7cb003b7
commit
7f20bb88ad
12
lib/utmp.c
12
lib/utmp.c
@@ -85,15 +85,13 @@ static void failtmp (const char *username, const struct utmp *failent)
|
||||
* feature to be used.
|
||||
*/
|
||||
|
||||
if (access (ftmp, F_OK) != 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
fd = open (ftmp, O_WRONLY | O_APPEND);
|
||||
if (-1 == fd) {
|
||||
SYSLOG ((LOG_WARN,
|
||||
"Can't append failure of user %s to %s.",
|
||||
username, ftmp));
|
||||
if (errno != ENOENT) {
|
||||
SYSLOG ((LOG_WARN,
|
||||
"Can't append failure of user %s to %s: %m",
|
||||
username, ftmp));
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user