[dpdk-dev] [PATCH v2 2/4] net/mlx4: spawn rdma-core dependency plug-in

Marcelo Ricardo Leitner mleitner at redhat.com
Sat Jan 27 16:03:06 CET 2018


On Fri, Jan 26, 2018 at 03:19:00PM +0100, Adrien Mazarguil wrote:
...
> +static int
> +mlx4_glue_init(void)
> +{
> +	char file[] = "/tmp/" MLX4_DRIVER_NAME "_XXXXXX";
> +	int fd = mkstemp(file);
...
> +	while (off != mlx4_glue_lib_size) {
> +		ssize_t ret;
> +
> +		ret = write(fd, (const uint8_t *)mlx4_glue_lib + off,
> +			    mlx4_glue_lib_size - off);
> +		if (ret == -1) {
> +			if (errno != EINTR) {
> +				rte_errno = errno;
> +				goto glue_error;
> +			}
> +			ret = 0;
> +		}
> +		off += ret;
> +	}
> +	close(fd);
> +	fd = -1;
> +	handle = dlopen(file, RTLD_LAZY);
> +	unlink(file);

This is a potential security issue. There are no guarantees that the
file dlopen() will open is the file that was just written above. It
could have been changed by something else in between.

  Marcelo


More information about the dev mailing list