projects / platform / upstream / llvm.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 675d279) | patch
Check that the directory does not exist.
authorSylvestre Ledru <sylvestre@debian.org>
Mon, 16 Jun 2014 20:31:15 +0000 (20:31 +0000)
committerSylvestre Ledru <sylvestre@debian.org>
Mon, 16 Jun 2014 20:31:15 +0000 (20:31 +0000)
commitc7bc52596f5a978feada4f2f8cbc0639f7b06b2c
tree5ebf356ef5d2630f98fdb507aff3022234957c4atree | snapshot
parent675d279af405d594552613c40a1507516039c694commit | diff
Check that the directory does not exist.
Otherwise, it could allows local users to obtain sensitive information or
overwrite arbitrary files via a symlink attack on temporary directories with
predictable names.

Reported as CVE-2014-2893 ( https://security-tracker.debian.org/tracker/CVE-2014-2893 )
Found by Jakub Wilk

llvm-svn: 211051
clang/tools/scan-build/scan-build diff | blob | history
Domain: System / Toolchain;