[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-trivial] [PATCH v6 09/10] tcg: check return value of fopen()
From: |
Richard Henderson |
Subject: |
Re: [Qemu-trivial] [PATCH v6 09/10] tcg: check return value of fopen() |
Date: |
Fri, 15 Aug 2014 06:53:19 -1000 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.7.0 |
On 08/15/2014 05:03 AM, Michael Tokarev wrote:
>>> f = fopen("/tmp/op.log", "w");
>
> Gosh. So why are we still use fixed filenames in /tmp?????
> Every such use is a potential security holw... :( Ughm.
>
> Can't we get rid of this somehow, by requiring a filename
> parameter for example?
It's in code that isn't compiled in by default.
Better than taking a parameter, or doing something else one-off, I think it'd
be best to dump this to the normal log file. I.e. use qemu_log instead of
fprintf.
r~
- [Qemu-trivial] [PATCH v6 04/10] ivshmem: check the value returned by fstat(), (continued)
[Qemu-trivial] [PATCH v6 03/10] virtio-blk: fix reference a pointer which might be freed, zhanghailiang, 2014/08/14
Re: [Qemu-trivial] [PATCH v6 03/10] virtio-blk: fix reference a pointer which might be freed, Michael Tokarev, 2014/08/18
[Qemu-trivial] [PATCH v6 08/10] tests/bios-tables-test: check the value returned by fopen(), zhanghailiang, 2014/08/14