Date: Sat, 16 May 2015 16:38:29 +0200
From: Jakub Wilk <jwilk@...lk.net>
To: oss-security@...ts.openwall.com
Cc: qemu-devel@...gnu.org
Subject: Re: QEMU 2.3.0 tmp vulns CVE request

* Michael Tokarev <mjt@....msk.ru>, 2015-05-16, 11:45:
>>./net/slirp.c:
>>    snprintf(s->smb_dir, sizeof(s->smb_dir), "/tmp/qemu-smb.%ld-%d",
>>             (long)getpid(), instance++);
>
>This one is real, used for -smb argument, to start smbd, making its 
>configuration.  Maybe tmpnam() should be used here.

"Never use this function.  Use mkstemp(3) or tmpfile(3) instead."

-- 
Jakub Wilk
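
An added example (not part of this thread and not QEMU's code) contrasting the quoted PID-and-counter directory name with mkdtemp(3), the directory counterpart of the mkstemp(3) recommended in the man page quote. The helper names, the `base` parameter and the pre-created directory are constructed for the demonstration.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern quoted above: name built from PID and a counter, so any local
 * user can compute it in advance. Returns 0 or a negative errno. */
static int make_predictable_dir(char *out, size_t n, const char *base, int instance)
{
    snprintf(out, n, "%s/qemu-smb.%ld-%d", base, (long)getpid(), instance);
    return mkdir(out, 0700) == 0 ? 0 : -errno;
}

/* mkdtemp(3) replaces XXXXXX with random characters and creates the
 * directory in one step, retrying on collision. */
static int make_private_dir(char *out, size_t n, const char *base)
{
    int len = snprintf(out, n, "%s/qemu-smb.XXXXXX", base);
    if (len < 0 || (size_t)len >= n)
        return -ENAMETOOLONG;
    return mkdtemp(out) ? 0 : -errno;
}

/* Constructed scenario: the predictable name already exists (as if another
 * local user had created it first). Returns 1 when the predictable variant
 * fails with EEXIST and the mkdtemp variant yields an owner-only directory. */
static int squatting_demo(void)
{
    char base[] = "/tmp/tmpdir-demo.XXXXXX";   /* scratch area, assumption */
    char squat[128], pred[128], priv[128];
    struct stat st;
    if (!mkdtemp(base)) return -1;
    snprintf(squat, sizeof squat, "%s/qemu-smb.%ld-0", base, (long)getpid());
    mkdir(squat, 0777);
    int r_pred = make_predictable_dir(pred, sizeof pred, base, 0);
    int r_priv = make_private_dir(priv, sizeof priv, base);
    int ok = r_pred == -EEXIST && r_priv == 0 && stat(priv, &st) == 0
             && S_ISDIR(st.st_mode) && (st.st_mode & 077) == 0;
    rmdir(priv); rmdir(squat); rmdir(base);
    return ok;
}

int main(void)
{
    printf("squatting_demo: %d\n", squatting_demo());
    return 0;
}
```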
