daemon/tls_ephemeral_credentials: fix possible race between read() and fstat()

author: Oto Šťáva <oto.stava@nic.cz> 2024-05-20 11:52:27 +0200
committer: Oto Šťáva <oto.stava@nic.cz> 2024-05-20 12:18:42 +0200
commit: bda4387ea9b09e03be69d38db104f5245b32d110 (patch)
tree: 9762e19adbd9887415db0807864e27c5f3cdb940
parent: .gitlab-ci: fail Coverity Scan on HTTP error (diff)
download: knot-resolver-bda4387ea9b09e03be69d38db104f5245b32d110.tar.xz
knot-resolver-bda4387ea9b09e03be69d38db104f5245b32d110.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/daemon/tls_ephemeral_credentials.c b/daemon/tls_ephemeral_credentials.c
index 0d9ec6db..2b928faa 100644
--- a/daemon/tls_ephemeral_credentials.c
+++ b/daemon/tls_ephemeral_credentials.c
@@ -91,7 +91,7 @@ static gnutls_x509_privkey_t get_ephemeral_privkey (void)
 		}
 		data.size = stat.st_size;
 		bytes_read = read(datafd, data.data, stat.st_size);
-		if (bytes_read != stat.st_size) {
+		if (bytes_read < 0 || bytes_read != stat.st_size) {
 			kr_log_error(TLS, "unable to read ephemeral private key\n");
 			goto bad_data;
 		}
author	Oto Šťáva <oto.stava@nic.cz>	2024-05-20 11:52:27 +0200
committer	Oto Šťáva <oto.stava@nic.cz>	2024-05-20 12:18:42 +0200
commit	bda4387ea9b09e03be69d38db104f5245b32d110 (patch)
tree	9762e19adbd9887415db0807864e27c5f3cdb940
parent	.gitlab-ci: fail Coverity Scan on HTTP error (diff)
download	knot-resolver-bda4387ea9b09e03be69d38db104f5245b32d110.tar.xz knot-resolver-bda4387ea9b09e03be69d38db104f5245b32d110.zip