Homework Help is Here – Start Your Trial Now!
Engineering
Computer Science
Code A (below) first checks the status of a file and then opens it and uses it. It contains a vulnerability. Explain what the vulnerability is and why Code B (below) resolves the vulnerability.

Code A (below) first checks the status of a file and then opens it and uses it. It contains a vulnerability. Explain what the vulnerability is and why Code B (below) resolves the vulnerability.

Database System Concepts
Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
See similar textbooks
icon
Related questions
Question

Code A (below) first checks the status of a file and then opens it and uses it. It contains a vulnerability.
Explain what the vulnerability is and why Code B (below) resolves the vulnerability.

Code B: 1. struct stat lstat_info, fstat_info; 2. int fd; 3. if (lstat("some_file", &lstat_info) == -1) { 4. err (1, "lstat"); 5. } 6. if ((fd = open("some_file", O_EXCL | O_RDWR, 0600)) 7. err(2, "some_file"); 8. } 9. if (fstat (fd, &fstat_info) == -1) 10. { 11. 12. } 13. if (lstat_info.st_mode == fstat_info.st_mode && 14. lstat_info.st_ino == fstat_info.st_ino) 15. //process the file - err (3, "fstat"); == -1) {
Transcribed Image Text:Code B: 1. struct stat lstat_info, fstat_info; 2. int fd; 3. if (lstat("some_file", &lstat_info) == -1) { 4. err (1, "lstat"); 5. } 6. if ((fd = open("some_file", O_EXCL | O_RDWR, 0600)) 7. err(2, "some_file"); 8. } 9. if (fstat (fd, &fstat_info) == -1) 10. { 11. 12. } 13. if (lstat_info.st_mode == fstat_info.st_mode && 14. lstat_info.st_ino == fstat_info.st_ino) 15. //process the file - err (3, "fstat"); == -1) {
Code A: 1. struct stat lstat_info; 2. int fd; 3. if (1stat ("some_file", &lstat_info) == -1) { 4. err (1, "lstat"); 5. } 6. if ((fd = open("some_file", O_EXCL | O_RDWR, 0600)) 7. err (2, "some_file"); 8. } 9. //process the file == -1) {
Transcribed Image Text:Code A: 1. struct stat lstat_info; 2. int fd; 3. if (1stat ("some_file", &lstat_info) == -1) { 4. err (1, "lstat"); 5. } 6. if ((fd = open("some_file", O_EXCL | O_RDWR, 0600)) 7. err (2, "some_file"); 8. } 9. //process the file == -1) {
Expert Solution
steps

Step by step

Solved in 4 steps

SEE SOLUTIONCheck out a sample Q&A here
Blurred answer
Knowledge Booster
Parallel and Distributed Storage
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.
Recommended textbooks for you
Database System Concepts
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education
SEE MORE TEXTBOOKS