List:       wget
Subject:    Re: Wget race condition vulnerability (fwd)
From:       Hrvoje Niksic <hniksic () xemacs ! org>
Date:       2004-05-17 22:29:18
Message-ID: m2iseu3cxt.fsf () hniksic ! iskon ! hr

Thanks for forwarding this.  The idea was for Wget to print the file
name it will write to, and yet to refrain from creating the file until
the data arrives.

One way to solve this is to use O_EXCL when opening the file, and
refuse to write to files that cannot be so opened.  Essentially,
Wget would assert that the file doesn't exist when it shouldn't.

In pseudo-code:

1. Check if FILE exists.  If yes, try with FILE-1, FILE-2, etc., until
   a non-existent file name is found.  Announce the file name to the
   user, but don't create the file.

2. Send headers, etc.

3. When the data starts arriving, open the file with open(...,
   O_EXCL|O_CREAT)+fdopen.  If open fails, report an error and give
   up.
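
The three steps above, sketched in C as an added example (not code from this message or from Wget). The names pick_name and open_exclusive, the cap of 1000 suffixes and the 0666 mode are assumptions made for the sketch.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Step 1: find an unused name (FILE, FILE-1, FILE-2, ...) without creating
   it. The result is only a hint: the name can be taken before step 3. */
int pick_name(const char *base, char *out, size_t outlen)
{
    struct stat st;
    for (int i = 0; i < 1000; i++) {   /* 1000 is an arbitrary cap */
        int n = i ? snprintf(out, outlen, "%s-%d", base, i)
                  : snprintf(out, outlen, "%s", base);
        if (n < 0 || (size_t)n >= outlen)
            return -1;
        if (lstat(out, &st) == -1 && errno == ENOENT) /* lstat: a symlink counts */
            return 0;
    }
    return -1;
}

/* Step 3: create the file only if the name is still free. O_EXCL makes
   open() fail with EEXIST if anything, a symlink included, is there now. */
FILE *open_exclusive(const char *name)
{
    int fd = open(name, O_WRONLY | O_CREAT | O_EXCL, 0666);
    if (fd == -1)
        return NULL;
    FILE *fp = fdopen(fd, "wb");
    if (!fp)
        close(fd);
    return fp;
}

int main(void)
{
    char name[256];
    if (pick_name("index.html", name, sizeof name) != 0) return 1;
    printf("Saving to: %s\n", name);   /* announce, but do not create */
    FILE *fp = open_exclusive(name);   /* called when data starts arriving */
    if (!fp) {
        fprintf(stderr, "%s: %s\n", name, strerror(errno));
        return 1;                      /* report the error and give up */
    }
    fputs("constructed sample body\n", fp);
    return fclose(fp) == 0 ? 0 : 1;
}
```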
