Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/63304/?format=api
http://patchwork.dpdk.org/api/patches/63304/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20191126151900.70915-1-jin.yu@intel.com/", "project": { "id": 1, "url": "http://patchwork.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20191126151900.70915-1-jin.yu@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20191126151900.70915-1-jin.yu@intel.com", "date": "2019-11-26T15:19:00", "name": "vhost: fix insecure temporary file", "commit_ref": null, "pull_url": null, "state": "rejected", "archived": true, "hash": "10a7f316d6e17edafd17ed93f0c6ea3d09c969da", "submitter": { "id": 1265, "url": "http://patchwork.dpdk.org/api/people/1265/?format=api", "name": "Jin Yu", "email": "jin.yu@intel.com" }, "delegate": { "id": 2642, "url": "http://patchwork.dpdk.org/api/users/2642/?format=api", "username": "mcoquelin", "first_name": "Maxime", "last_name": "Coquelin", "email": "maxime.coquelin@redhat.com" }, "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20191126151900.70915-1-jin.yu@intel.com/mbox/", "series": [ { "id": 7627, "url": "http://patchwork.dpdk.org/api/series/7627/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=7627", "date": "2019-11-26T15:19:00", "name": "vhost: fix insecure temporary file", "version": 1, "mbox": "http://patchwork.dpdk.org/series/7627/mbox/" } ], "comments": "http://patchwork.dpdk.org/api/patches/63304/comments/", "check": "fail", "checks": "http://patchwork.dpdk.org/api/patches/63304/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from dpdk.org (dpdk.org [92.243.14.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 08778A04C1;\n\tTue, 26 Nov 2019 08:36:54 +0100 (CET)", "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 479512A5D;\n\tTue, 26 Nov 2019 08:36:54 +0100 (CET)", "from mga04.intel.com (mga04.intel.com [192.55.52.120])\n by dpdk.org (Postfix) with ESMTP id 5DAE6A3;\n Tue, 26 Nov 2019 08:36:52 +0100 (CET)", "from fmsmga002.fm.intel.com ([10.253.24.26])\n by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n 25 Nov 2019 23:36:51 -0800", "from storage36.sh.intel.com ([10.67.110.177])\n by fmsmga002.fm.intel.com with ESMTP; 25 Nov 2019 23:36:50 -0800" ], "X-Amp-Result": "SKIPPED(no attachment in message)", "X-Amp-File-Uploaded": "False", "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos;i=\"5.69,244,1571727600\"; d=\"scan'208\";a=\"239831873\"", "From": "Jin Yu <jin.yu@intel.com>", "To": "Maxime Coquelin <maxime.coquelin@redhat.com>,\n Tiwei Bie <tiwei.bie@intel.com>, Zhihong Wang <zhihong.wang@intel.com>", "Cc": "dev@dpdk.org,\n\tJin Yu <jin.yu@intel.com>,\n\tstable@dpdk.org", "Date": "Tue, 26 Nov 2019 23:19:00 +0800", "Message-Id": "<20191126151900.70915-1-jin.yu@intel.com>", "X-Mailer": "git-send-email 2.17.2", "Subject": "[dpdk-dev] [PATCH] vhost: fix insecure temporary file", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "When using mkstemp(), remember to safely set the umask\nbefore to restrict the resulting temporary file\npermissions to only the owner.\n\nCoverity issue: 350367\nFixes: d87f1a1cb7b6 (\"vhost: support inflight info sharing\")\nCc: stable@dpdk.org\n\nSigned-off-by: Jin Yu <jin.yu@intel.com>\n---\n lib/librte_vhost/vhost_user.c | 2 ++\n 1 file changed, 2 insertions(+)", "diff": "diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c\nindex 0cfb8b792..1a68e23e3 100644\n--- a/lib/librte_vhost/vhost_user.c\n+++ b/lib/librte_vhost/vhost_user.c\n@@ -1342,6 +1342,7 @@ inflight_mem_alloc(const char *name, size_t size, int *fd)\n \tRTE_SET_USED(name);\n #endif\n \tif (mfd == -1) {\n+\t\tmode_t mask = umask(0600);\n \t\tmfd = mkstemp(fname);\n \t\tif (mfd == -1) {\n \t\t\tRTE_LOG(ERR, VHOST_CONFIG,\n@@ -1349,6 +1350,7 @@ inflight_mem_alloc(const char *name, size_t size, int *fd)\n \t\t\treturn NULL;\n \t\t}\n \n+\t\tumask(mask);\n \t\tunlink(fname);\n \t}\n \n", "prefixes": [] }{ "id": 63304, "url": "