Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!linus!philabs!seismo!hao!hplabs!sri-unix!lund@ucla-locus From: lund%ucla-locus@sri-unix.UUCP Newsgroups: net.unix-wizards Subject: bug in uucp locking mechanism Message-ID: <2916@sri-arpa.UUCP> Date: Fri, 8-Jul-83 20:03:14 EDT Article-I.D.: sri-arpa.2916 Posted: Fri Jul 8 20:03:14 1983 Date-Received: Tue, 12-Jul-83 03:02:40 EDT Lines: 58 From: Laurence LundbladeThere is a window in the locking code used by uucp. The difficulty is in ulockf(). First it calls onelock() which attempts to create the lock file, then if that fails, it attempts to stat() the file to see if it is old enough to delete. If the stat fails it recognizes this and attempts to remove the lockfile without regard for someone else who created the lockfile immediately follwing the failure of the stat. The fix is simply to move the removal of the lockfile so it is only executed if the stat() succeeds and the file is found to be old enough to delete. In the routine ulockf() in the file ulockf.c if (onelock(pid, tempfile, file) == -1) { /* lock file exists */ /* get status to check age of the lock file */ ret = stat(file, &stbuf); if (ret != -1) { time(&ptime); if ((ptime - stbuf.st_ctime) < atime) { /* file not old enough to delete */ return(FAIL); #ifdef BUGFIX /* * * * * * * * * * * * * repair window in LOCKING that occurs if onelock() * fails,stat() fails then someone else locks * immediately after stat fails. The original code * will remove lock if stat fails disregarding the * posibility that someone locked after stat failed. */ } else { ret = unlink(file); ret = onelock(pid, tempfile, file); #endif BUGFIX } } #ifndef BUGFIX ret = unlink(file); ret = onelock(pid, tempfile, file); #endif BUGFIX if (ret != 0) return(FAIL); } This was discovered when the sequence file got munged frequently running with a modified unix kernal and modified gename() routine in uucp, however it could happen to anyone. ....Larry UUCP: ucbvax!ucla-va!lund ARPA: lund@ucla-locus