kernel_collector.cc - Issue 4603001: crash-reporter: Avoid writing through symlinks. - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(156)

My Issues | Starred Open | Closed | All

Unified Diff: kernel_collector.cc

Issue 4603001: crash-reporter: Avoid writing through symlinks. (Closed) Base URL: http://git.chromium.org/git/crash-reporter.git@master

Patch Set: Respond to review Created 10 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « crash_collector_test.cc ('k') | user_collector.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: kernel_collector.cc

diff --git a/kernel_collector.cc b/kernel_collector.cc

index c95873347dd435b1247e093fb69d0cd1623450e4..4fa51e26e7d2752e494defbca0f5e870323af38d 100644

--- a/kernel_collector.cc

+++ b/kernel_collector.cc

@@ -277,9 +277,12 @@ bool KernelCollector::Collect() {

FilePath kernel_crash_path = root_crash_directory.Append(

StringPrintf("%s.kcrash", dump_basename.c_str()));

- if (file_util::WriteFile(kernel_crash_path,

- kernel_dump.data(),

- kernel_dump.length()) !=

+ // We must use WriteNewFile instead of file_util::WriteFile as we

+ // do not want to write with root access to a symlink that an attacker

+ // might have created.

+ if (WriteNewFile(kernel_crash_path,

+ kernel_dump.data(),

+ kernel_dump.length()) !=

static_cast<int>(kernel_dump.length())) {

logger_->LogInfo("Failed to write kernel dump to %s",

kernel_crash_path.value().c_str());

« no previous file with comments | « crash_collector_test.cc ('k') | user_collector.h » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698