[tor-commits] [tlsdate/debian-master] tlsdated: remove rmrf()
ioerror at torproject.org
ioerror at torproject.org
Thu Oct 31 10:25:57 UTC 2013
commit ed1b336ca84f2f71c70f91d0d7aeb5a3ae4b547b
Author: elly <elly at leptoquark.net>
Date: Thu May 9 13:40:16 2013 -0400
tlsdated: remove rmrf()
This function, while handy and presently used safely, could become dangerous if
someone later adds a call to it that passes in attacker-controlled input.
Therefore, hardcode calls to unlink(2) and rmdir(2) for the files tlsdated
presently creates. This has the pleasant (?) side-effect of breaking unit-tests
whenever tlsdated creates files we don't explicitly list on disk.
BUG=None
TEST=unit
Signed-off-by: Elly Fong-Jones <ellyjones at chromium.org>
---
src/tlsdated-unittest.c | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/src/tlsdated-unittest.c b/src/tlsdated-unittest.c
index baed329..cb30313 100644
--- a/src/tlsdated-unittest.c
+++ b/src/tlsdated-unittest.c
@@ -27,14 +27,13 @@ FIXTURE_SETUP(tempdir) {
ASSERT_NE(NULL, p);
}
-int rmrf(char *dir) {
- char buf[256];
- snprintf(buf, sizeof(buf), "rm -rf %s", dir);
- return system(buf);
-}
-
FIXTURE_TEARDOWN(tempdir) {
- ASSERT_EQ(0, rmrf(self->path));
+ char buf[256];
+ snprintf(buf, sizeof(buf), "%s/load", self->path);
+ unlink(buf);
+ snprintf(buf, sizeof(buf), "%s/save", self->path);
+ unlink(buf);
+ ASSERT_EQ(0, rmdir(self->path));
}
int write_time(const char *path, time_t time) {
More information about the tor-commits
mailing list