[Fontconfig] Re: [patch]: mmapping FontConfig data structures
(fwd)
Behdad Esfahbod
behdad at cs.toronto.edu
Sat Jun 11 02:46:38 EST 2005
--behdad
http://behdad.org/
---------- Forwarded message ----------
Date: Fri, 10 Jun 2005 12:42:38 -0400
From: Patrick Lam <plam at MIT.EDU>
To: Behdad Esfahbod <behdad>
Subject: Re: [Fontconfig] Re: [patch]: mmapping FontConfig data structures
Behdad Esfahbod wrote:
> You better use O_EXCL anyway. Just in case two copies of fc-mmap
> happen to run in parallel, or something.
Done.
> How is fc-mmap supposed to be called BTW? Why not dump the cache
> in the library if it doesn't exist?
Just run fc-mmap/fc-mmap (it has a few options, but you don't need any
to successfully run.) What do you mean by the library?
> I don't know the code myself. And have not tested. Try manually making a
> symlink from the name of your file to be created and have it point to
> another existing file ... and see what your code does to it. (Imagine
> someone malicious making a symlink pointing to your password database and
> waiting for someone to run this routine as root to cause a simple denial
> of service.)
Here's what I do now:
unlink (FcMmapFilename());
fd = open(FcMmapFilename(), O_RDWR | O_CREAT | O_TRUNC | O_EXCL, 0600);
if (fd == -1)
return FcFalse;
Is that sufficient?
What I meant by 'just hanging around' was that someone could modify the
file and cause arbitrary stuff to be read into memory; taking a CRC
would prevent that. If the CRC is not useful, then I won't take it.
pat
More information about the Fontconfig
mailing list