Austin Group Defect Tracker

Aardvark Mark IV

Main | My View | View Issues | Change Log | Docs
  

Viewing Issue Simple Details Jump to Notes ] Issue History ] Print ]
ID Category Severity Type Date Submitted Last Update
0000331 [1003.1(2008)/Issue 7] System Interfaces Objection Enhancement Request 2010-10-11 22:23 2011-09-22 16:25
Reporter dwheeler View Status public  
Assigned To ajosey
Priority normal Resolution Duplicate  
Status Closed  
Name David A. Wheeler
Organization
User Reference
Section XSH - fopen, freopen, and fdopen
Page Number 820-926
Line Number 27373-31021
Interp Status ---
Final Accepted Text
Summary 0000331: Add 'x' mode to fopen and freopen to force O_EXCL (and declare that fdopen ignores 'x')
Description Some security vulnerabilities can be countered by exclusively opening a file using, e.g., open's O_EXCL flag (e.g., see the discussion on CWE-377, Insecure Temporary File). Unfortunately, fopen and freopen don't provide a standard flag for accessing this. Making it easier to invoke this would make it easier to avoid certain security vulnerabilities.

GNU/Linux *does* provide such a flag, 'x', for fopen and freopen.
This proposal recommends making it a standard flag. Per its man page,
the flag 'x' in a mode has this meaning:
       x Open the file exclusively (like the O_EXCL flag of open(2)). If
              the file already exists, fopen() fails, and sets errno to EEX-
              IST. This flag is ignored for fdopen().
Desired Action In fopen, after line 29134:
If the flag 'x' is included in the mode and after the first character, open the file exclusively, just as if including the O_EXCL | O_CREAT flags of open(2).
If the file already exists, fail and set errno to EEXIST.

In freopen, after line 30889:
If the flag 'x' is included in the mode and after the first character,
attempt to open the file exclusively,
just as if including the O_EXCL | O_CREAT flags of open(2).
If the file already exists, fail and set errno to EEXIST.

In fdopen, after line 27388:
If the flag 'x' is included in the mode, it is ignored.
Tags c99
Attached Files

- Relationships
duplicate of 0000411Appliedajosey adding atomic FD_CLOEXEC support 

-  Notes
(0000592)
nick (manager)
2010-10-28 16:14

 Please note that the C committee is considering a similar change (they require that the 'x' character be the last character in the mode string). We should wait till that standard is complete and align with their change.

For a current working draft of the C revision, see http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1516.pdf [^]
(0000610)
nick (manager)
2010-11-05 15:11

 The committee draft ballot for the C1x standard is due to start within the next 2-3 weeks. The 'x' character for fopen is regarded as non-controversial.
(0000972)
nick (manager)
2011-09-22 16:23
edited on: 2011-09-22 16:24

 Closing as duplicate of 0000411

- Issue History
Date Modified Username Field Change
2010-10-11 22:23 dwheeler New Issue
2010-10-11 22:23 dwheeler Status New => Under Review
2010-10-11 22:23 dwheeler Assigned To => ajosey
2010-10-11 22:23 dwheeler Name => David A. Wheeler
2010-10-11 22:23 dwheeler Section => XSH - fopen, freopen, and fdopen
2010-10-11 22:23 dwheeler Page Number => 820-926
2010-10-11 22:23 dwheeler Line Number => 27373-31021
2010-10-28 16:12 nick Tag Attached: c99
2010-10-28 16:14 nick Note Added: 0000592
2010-11-05 15:11 nick Note Added: 0000610
2011-09-22 16:21 eblake Relationship added related to 0000411
2011-09-22 16:22 nick Relationship replaced duplicate of 0000411
2011-09-22 16:23 nick Interp Status => ---
2011-09-22 16:23 nick Note Added: 0000972
2011-09-22 16:23 nick Status Under Review => Resolved
2011-09-22 16:23 nick Resolution Open => Duplicate
2011-09-22 16:24 nick Note Edited: 0000972
2011-09-22 16:25 nick Status Resolved => Closed

Mantis 1.1.6[^]
Copyright © 2000 - 2008 Mantis Group
Powered by Mantis Bugtracker