Citation bot (talk | contribs) m Alter: template type. Add: citeseerx, journal. Removed URL that duplicated unique identifier. Removed parameters. Some additions/deletions were actually parameter name changes. | You can use this bot yourself. Report bugs here. | Activated by User:AManWithNoPlan | via #UCB_webform |
m Task 70: Update syntaxhighlight tags - remove use of deprecated <source> tags |
Line 7:
In [[Unix]], the following [[C (programming language)|C]] code, when used in a <code>[[setuid]]</code> program, has a TOCTOU bug:
<
if (access("file", W_OK) != 0) {
exit(1);
Line 14:
fd = open("file", O_WRONLY);
write(fd, buffer, sizeof(buffer));
</syntaxhighlight>
Here, ''access'' is intended to check whether the real user who executed the <code>setuid</code> program would normally be allowed to write the file (i.e., <code>''access''</code> checks the [[real userid]] rather than [[effective userid]]).
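Review bot: the closing tag in this hunk is `</syntaxhighlight>`, but the matching opener in the hunk at Line 7 is visible only as `<`; check that it reads `<syntaxhighlight lang="c">` so the pair matches and the example keeps its C highlighting. The edit summary describes a tag-only change, so the `access`, `open` and `write` lines between the tags should be identical to the previous revision.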
Line 24:
|Attacker
|-
|<
if (access("file", W_OK) != 0) {
exit(1);
Line 32:
// Actually writing over /etc/passwd
write(fd, buffer, sizeof(buffer));
</syntaxhighlight>
||
<
//
//
Line 42:
//
//
</syntaxhighlight>
|}