[PATCH] libcsupport: Fix TOCTOU in getchark()

Joel Sherrill joel at rtems.org
Wed Jul 28 16:27:25 UTC 2021 

On Wed, Jul 28, 2021 at 11:23 AM Gedare Bloom <gedare at rtems.org> wrote:
>
> On Wed, Jul 28, 2021 at 9:13 AM Joel Sherrill <joel at rtems.org> wrote:
> >
> > Is this a Coverity issue? Does it have a CID?
> >
> > I remembered TOCTOU as an acronym analysis reports used
> > but had to look up the meaning. I don't know what to do so someone
> > else would not have to look it up beyond explaining it in the long comment.
> > It is missing what was checked and used that flagged the issue. That should
> > definitely be added in the long comment.
> >
> The TOCTOU here is that a global variable is checked and then used,
> and someone could modify it in between. The solution here is to copy
> the global into a local variable before checking and using, so this is
> better. (I can't comment whether it's from a CID, just my analysis
> here.)

The commit message should explain that.

I don't see a CID for this one in the reports but someone should check
that. I don't like their web interface and might have missed something.

>
> > On Wed, Jul 28, 2021 at 9:50 AM Sebastian Huber
> > <sebastian.huber at embedded-brains.de> wrote:
> > >
> > > Fix format, add Doxygen comments, and reduce includes.
> > > ---
> > >  cpukit/libcsupport/src/getchark.c | 21 +++++++++++++--------
> > >  1 file changed, 13 insertions(+), 8 deletions(-)
> > >
> > > diff --git a/cpukit/libcsupport/src/getchark.c b/cpukit/libcsupport/src/getchark.c
> > > index 5a9afbda7a..cfe9c022d6 100644
> > > --- a/cpukit/libcsupport/src/getchark.c
> > > +++ b/cpukit/libcsupport/src/getchark.c
> > > @@ -1,8 +1,9 @@
> > >  /**
> > > - *  @file
> > > + * @file
> > >   *
> > > - *  @brief Get Character from Stdin
> > > - *  @ingroup libcsupport
> > > + * @ingroup BSPIO
> > > + *
> > > + * @brief This source file contains the implementation of getchark().
> > >   */
> > >
> > >  /*
> > > @@ -18,13 +19,17 @@
> > >  #include "config.h"
> > >  #endif
> > >
> > > -#include <rtems.h>
> > >  #include <rtems/bspIo.h>
> > >
> > > -int getchark(void)
> > > +int getchark( void )
> > >  {
> > > -  if ( BSP_poll_char )
> > > -    return (*BSP_poll_char)();
> > > +  BSP_polling_getchar_function_type poll_char;
> > > +
> > > +  poll_char = BSP_poll_char;
> > > +
> > > +  if ( poll_char == NULL ) {
> > > +    return -1;
> > > +  }
> > >
> > > -  return -1;
> > > +  return ( *poll_char )();
> > >  }
> > > --
> > > 2.26.2
> > >
> > > _______________________________________________
> > > devel mailing list
> > > devel at rtems.org
> > > http://lists.rtems.org/mailman/listinfo/devel
> > _______________________________________________
> > devel mailing list
> > devel at rtems.org
> > http://lists.rtems.org/mailman/listinfo/devel

More information about the devel mailing list