[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tlsdate/master] tlsdated: remove rmrf()
commit ed1b336ca84f2f71c70f91d0d7aeb5a3ae4b547b
Author: elly <elly@xxxxxxxxxxxxxx>
Date: Thu May 9 13:40:16 2013 -0400
tlsdated: remove rmrf()
This function, while handy and presently used safely, could become dangerous if
someone later adds a call to it that passes in attacker-controlled input.
Therefore, hardcode calls to unlink(2) and rmdir(2) for the files tlsdated
presently creates. This has the pleasant (?) side-effect of breaking unit-tests
whenever tlsdated creates files we don't explicitly list on disk.
BUG=None
TEST=unit
Signed-off-by: Elly Fong-Jones <ellyjones@xxxxxxxxxxxx>
---
src/tlsdated-unittest.c | 13 ++++++-------
1 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/src/tlsdated-unittest.c b/src/tlsdated-unittest.c
index baed329..cb30313 100644
--- a/src/tlsdated-unittest.c
+++ b/src/tlsdated-unittest.c
@@ -27,14 +27,13 @@ FIXTURE_SETUP(tempdir) {
ASSERT_NE(NULL, p);
}
-int rmrf(char *dir) {
- char buf[256];
- snprintf(buf, sizeof(buf), "rm -rf %s", dir);
- return system(buf);
-}
-
FIXTURE_TEARDOWN(tempdir) {
- ASSERT_EQ(0, rmrf(self->path));
+ char buf[256];
+ snprintf(buf, sizeof(buf), "%s/load", self->path);
+ unlink(buf);
+ snprintf(buf, sizeof(buf), "%s/save", self->path);
+ unlink(buf);
+ ASSERT_EQ(0, rmdir(self->path));
}
int write_time(const char *path, time_t time) {
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits