vfio/iommufd: Remove the use of stat() to check file existence

Using stat() before opening a file or a directory can lead to a time-of-check to time-of-use (TOCTOU) filesystem race, which is reported by coverity as a Security best practices violations. The sequence could be replaced by open and fdopendir but it doesn't add much in this case. Simply use opendir to avoid the race. Fixes: CID 1531551 Signed-off-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: Zhenzhong Duan <Zhenzhong.duan@intel.com>
qemu · Jan 5, 2024 · 6ba2548 · 6ba2548
1 parent 9353b6d
commit 6ba2548
Showing 1 changed file with 0 additions and 6 deletions.
diff --git a/hw/vfio/iommufd.c b/hw/vfio/iommufd.c
@@ -121,17 +121,11 @@ static int iommufd_cdev_getfd(const char *sysfs_path, Error **errp)
     DIR *dir = NULL;
     struct dirent *dent;
     gchar *contents;
-    struct stat st;
     gsize length;
     int major, minor;
     dev_t vfio_devt;
 
     path = g_strdup_printf("%s/vfio-dev", sysfs_path);
-    if (stat(path, &st) < 0) {
-        error_setg_errno(errp, errno, "no such host device");
-        goto out_free_path;
-    }
-
     dir = opendir(path);
     if (!dir) {
         error_setg_errno(errp, errno, "couldn't open directory %s", path);