[CDRIVER-2178] Coverity analysis defect 72298: Time of check time of use Created: 09/Jun/17  Updated: 28/Oct/23  Resolved: 30/Jun/17

Status: Closed
Project: C Driver
Component/s: None
Affects Version/s: None
Fix Version/s: 1.7.0

Type: Bug Priority: Major - P3
Reporter: Coverity Collector User Assignee: A. Jesse Jiryu Davis
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

A check occurs on a file's attributes before the file is used in a privileged operation, but things may have changed

Defect 72298 (STATIC_C)
Checker TOCTOU (subcategory none)
File: /examples/mongoc-dump.c
Function mongoc_dump_collection
/examples/mongoc-dump.c, line: 64
Calling function "access" to perform check on "path".

       if (0 == access (path, F_OK)) {

/examples/mongoc-dump.c, line: 65
Calling function "unlink" that uses "path" after a check function. This can cause a time-of-check, time-of-use race condition.

          unlink (path);

File: /examples/mongoc-dump.c
Function mongoc_dump_collection
/examples/mongoc-dump.c, line: 64
Calling function "access" to perform check on "path".

       if (0 == access (path, F_OK)) {

/examples/mongoc-dump.c, line: 69
Calling function "fopen" that uses "path" after a check function. This can cause a time-of-check, time-of-use race condition.

       stream = fopen (path, "w");



 Comments   
Comment by Githook User [ 30/Jun/17 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-2178 TOCTOU warning in example code

Coverity warns about time-of-check, time-of-use race in mongoc-dump.c.
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/372a3d568eff4e922f669b2796f8443bf9bbd5bf

Generated at Wed Feb 07 21:14:25 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.