alpine 3.6
tmpfile weakness #100

4

Weakness Breakdown


Definition:

A temporary file weakness occurs when a temporary file that is created and used by a high-privilege process is accidentally shared with a low-privilege process, on account of it being temporary and generated after all security controls have been applied. This allows the low-privilege process to read data from the high-privilege process (information leakage), or worse, influence the high-privilege process by modifying the shared temporary file.

Warning code(s):

Temporary file race condition.

File Name:

transmission/src/transmission-2.92/libtransmission/file-posix.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.6 tmpfile weakness.

     {
      if (my_error != NULL)
        tr_error_propagate (error, &my_error);
      else
        set_system_error (error, errno);
    }

  return ret;
}

bool
tr_sys_dir_create_temp (char      * path_template,
                        tr_error ** error)
{
  bool ret;

  assert (path_template != NULL);

#ifdef HAVE_MKDTEMP

  ret = mkdtemp (path_template) != NULL;

#else

  ret = mktemp (path_template) != NULL && mkdir (path_template, 0700) != -1;

#endif

  if (!ret)
    set_system_error (error, errno);

  return ret;
}

tr_sys_dir_t
tr_sys_dir_open (const char  * path,
                 tr_error   ** error)
{
  tr_sys_dir_t ret;

#ifndef __clang__
  /* Clang gives "static_assert expression is not an integral constant expression" error */
  TR_STATIC_ASSERT (TR_BAD_SYS_DIR == NULL, "values should match");
#endif

  assert (path != NULL);

  ret = opendir (path);

  if (ret == TR_BAD_SYS_DIR) 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.