Fix: remove use of stat()

1019896 Time of check time of use
In utils_mkdir_recursive: A check occurs on a file's attributes before
the file is used in a privileged operation, but things may have changed
(CWE-367)

mkdir() is already doing the EEXIST check.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>

diff --git a/src/common/utils.c b/src/common/utils.c
index 38f78a7e8e7d40cd6fcebefd297e5bb240c52aaf..3e659a1c81079d74b52aab9993c555fcaba6b62d 100644 (file)
--- a/src/common/utils.c
+++ b/src/common/utils.c
@@ -22,8 +22,8 @@
 #include <limits.h>
 #include <stdlib.h>
 #include <string.h>
-#include <sys/types.h>
 #include <sys/stat.h>
+#include <sys/types.h>
 #include <unistd.h>
 #include <inttypes.h>
 #include <regex.h>
@@ -248,7 +248,6 @@ LTTNG_HIDDEN
 int utils_mkdir_recursive(const char *path, mode_t mode)
 {
        char *p, tmp[PATH_MAX];
-       struct stat statbuf;
        size_t len;
        int ret;
 
@@ -276,15 +275,12 @@ int utils_mkdir_recursive(const char *path, mode_t mode)
                                ret = -1;
                                goto error;
                        }
-                       ret = stat(tmp, &statbuf);
+                       ret = mkdir(tmp, mode);
                        if (ret < 0) {
-                               ret = mkdir(tmp, mode);
-                               if (ret < 0) {
-                                       if (errno != EEXIST) {
-                                               PERROR("mkdir recursive");
-                                               ret = -errno;
-                                               goto error;
-                                       }
+                               if (errno != EEXIST) {
+                                       PERROR("mkdir recursive");
+                                       ret = -errno;
+                                       goto error;
                                }
                        }
                        *p = '/';