u-a: Fix TOCTOU race in rename_mv()

This does not have any security implications, but it makes the code more robust. Warned-by: coverity
author: Guillem Jover <guillem@debian.org> 2014-05-03 03:48:01 +0200
committer: Guillem Jover <guillem@debian.org> 2014-05-17 09:36:05 +0200
commit: 96d58c81919e45bad12fbe9ab4b7a295743f2614 (patch)
tree: 7611945afbf95ff1b21ee736e7ad2e7381a46f4e /utils
parent: ec7488184f4065911171d22a3fafd60155dd7cc3 (diff)
download: dpkg-96d58c81919e45bad12fbe9ab4b7a295743f2614.tar.gz
1 files changed, 9 insertions, 13 deletions
diff --git a/utils/update-alternatives.c b/utils/update-alternatives.c
index 3fe9d44f8..3dd9414be 100644
--- a/utils/update-alternatives.c
+++ b/utils/update-alternatives.c
@@ -459,23 +459,19 @@ subcall(const char *prog, ...)
 static bool
 rename_mv(const char *src, const char *dst)
 {
-	struct stat st;
+	const char *args[] = { "mv", src, dst, NULL };
+	int rc;
 
-	if (lstat(src, &st) != 0)
+	if (rename(src, dst) == 0)
+		return true;
+	if (errno == ENOENT)
 		return false;
 
-	if (rename(src, dst) != 0) {
-		const char *args[] = { "mv", src, dst, NULL };
-		int rc;
-
-		rc = spawn("mv", args);
-		if (WIFEXITED(rc) && WEXITSTATUS(rc) == 0)
-			return true;
-
-		return false;
-	}
+	rc = spawn("mv", args);
+	if (WIFEXITED(rc) && WEXITSTATUS(rc) == 0)
+		return true;
 
-	return true;
+	return false;
 }
 
 static void
author	Guillem Jover <guillem@debian.org>	2014-05-03 03:48:01 +0200
committer	Guillem Jover <guillem@debian.org>	2014-05-17 09:36:05 +0200
commit	96d58c81919e45bad12fbe9ab4b7a295743f2614 (patch)
tree	7611945afbf95ff1b21ee736e7ad2e7381a46f4e /utils
parent	ec7488184f4065911171d22a3fafd60155dd7cc3 (diff)
download	dpkg-96d58c81919e45bad12fbe9ab4b7a295743f2614.tar.gz