Re: Locking of serial devices and devfs
Je Thu, 21 Jun 2001 13:08:51 +0200,
Russell Coker <russell@coker.com.au> scribis:
> if (( p = strstr(dev, "dev/")) != NULL)
> dev = p + 4; /* point to first byte after "dev/" */
> slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", LOCK_DIR, dev);
> if(strchr(dev, '/'))
> {
> char *dir = strdup(dev);
> *(strchr(dir, '/')) = '\0';
> mkdir(dir);
>}
(I think you mean lock_file instead of dev in the mkdir block.)
I'm worried that this code lets the user put directories anywhere on
the filesystem. First run it with dev as "/dev/tts/0" (to create the
lockfile directory), then run it with dev as "tts/../../../foo/bar"
(to create a root directory, "foo").
Why not just remove the leading "/dev/" and convert "/"s to something
harmless like ","?
--
Itai Zukerman <http://www.math-hat.com/~zukerman/>
Reply to: