...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
void open_some_file(const char *file) {
int fd = open(file, O_CREAT | O_EXCL | O_WRONLY);
if (-1 != fd) {
FILE *f = fdopen(fd, "w");
if (NULL != f) {
/* Write to file */
if (fclose(f) == EOF) {
/* Handle error */
}
}
else {
if (close(fd) == -1) {
/* Handle error */
}
}
}
} |
Exceptions
FIO45-C-EX1: TOCTOU race conditions require that the vulnerable process is more privileged than the attacker; otherwise there is nothing to be gained from a successful attack. An unprivileged process is not subject to this rule.
FIO45-C-EX2: Accessing a file name or path name multiple times is permitted if the file referenced resides in a secure directory (for more information, see FIO15-C. Ensure that file operations are performed in a secure directory).
FIO45-C-EX3: Accessing a file name or path name multiple times is permitted if the program can verify that every operation operates on the same file.
...