From ad5bb0ebcaa7a6288976ccd5855a71bb536b57ae Mon Sep 17 00:00:00 2001
From: Tulio A M Mendes
Date: Tue, 26 May 2026 02:24:42 -0300
Subject: [PATCH] security: add retry loop to mkstemp for EEXIST collisions (Fase 3)
---
 user/ulibc/src/stdlib.c | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/user/ulibc/src/stdlib.c b/user/ulibc/src/stdlib.c
index f1cc1d51..f4d490f6 100644
--- a/user/ulibc/src/stdlib.c
+++ b/user/ulibc/src/stdlib.c
@@ -355,13 +355,25 @@ int mkstemp(char* tmpl) {
 /* Use alphanumeric characters for XXXXXX */
 const char* charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
 unsigned int seed = (unsigned int)(rand_bytes[0] ^ rand_bytes[1]);
- for (int i = 0; i < 6; i++) {
- suffix[i] = charset[seed % 62];
- seed = seed * 1103515245 + 12345; /* LCG for variety */
+
+ /* M9: Retry multiple times on EEXIST collision */
+ const int max_attempts = 100;
+ for (int attempt = 0; attempt < max_attempts; attempt++) {
+ /* Generate random suffix */
+ for (int i = 0; i < 6; i++) {
+ suffix[i] = charset[seed % 62];
+ seed = seed * 1103515245 + 12345; /* LCG for variety */
+ }
+ /* U01: Always use O_CREAT|O_EXCL to prevent race conditions */
+ int fd = open(tmpl, 1 | 0x40 | 0x80 /* O_WRONLY|O_CREAT|O_EXCL */, 0600);
+ if (fd >= 0) return fd; /* Success */
+ /* If error is not EEXIST, fail immediately */
+ extern int errno;
+ if (errno != 17) return -1; /* EEXIST = 17 */
+ /* Otherwise, retry with new random seed */
+ seed += attempt + 1;
 }
- /* U01: Always use O_CREAT|O_EXCL to prevent race conditions */
- int fd = open(tmpl, 1 | 0x40 | 0x80 /* O_WRONLY|O_CREAT|O_EXCL */, 0600);
- return fd;
+ return -1; /* Max attempts exceeded */
 }

 double strtod(const char* nptr, char** endptr) {
--
2.43.0
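Review bot: The retry path adds no randomness: `seed += attempt + 1` only perturbs an LCG state that has already advanced six steps, so all 100 candidate names are a deterministic function of the initial `rand_bytes[0] ^ rand_bytes[1]`, which carries at most 8 bits if `rand_bytes` is a byte array (its declaration is above the hunk, so this is inferred). O_EXCL still prevents opening a pre-existing file, but names this predictable mean another local user with write access to the directory can make mkstemp return -1; refilling `rand_bytes` from the same source on every attempt and taking each suffix character from its own random byte would close that, and `/* Otherwise, retry with new random seed */` should then describe the refill. The open call also passes `1` (O_WRONLY) where POSIX mkstemp returns a descriptor open for reading and writing. `extern int errno;` and the literal `17` inside the loop would read better as a file-scope declaration and a named constant. The body of mkstemp begins outside the hunk.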