| Message ID | 20170912144459.11359-9-pbonzini@redhat.com |
|---|---|
| State | New |
| Headers | show |
| Series | cleanup qemu-iotests | expand |
On 09/12/2017 09:44 AM, Paolo Bonzini wrote: > The variable is used in "common" but defined only after the file > is sourced. > > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > tests/qemu-iotests/check | 2 -- > tests/qemu-iotests/common | 2 ++ > 2 files changed, 2 insertions(+), 2 deletions(-) > Reviewed-by: Eric Blake <eblake@redhat.com> > +tmp="${TEST_DIR}"/$$ Pre-existing to your code motion, but would we be any safer if $tmp also included a use of $RANDOM? (The $$ already protects us from collisions with a parallel run, but it is easy to guess, so if $tmp is used to create any file that an attacker can access, running the testsuite may expose a machine to a symlink or other attack - but we probably have lots of those things to audit for before we can recommend running the testsuite in an untrusted environment).
diff --git a/tests/qemu-iotests/check b/tests/qemu-iotests/check index 4cb5b05908..7aec176ac4 100755 --- a/tests/qemu-iotests/check +++ b/tests/qemu-iotests/check @@ -77,8 +77,6 @@ fi TIMESTAMP_FILE=check.time-$IMGPROTO-$IMGFMT -tmp="${TEST_DIR}"/$$ - _wallclock() { date "+%H %M %S" | awk '{ print $1*3600 + $2*60 + $3 }' diff --git a/tests/qemu-iotests/common b/tests/qemu-iotests/common index ee313af92f..365d3c4349 100644 --- a/tests/qemu-iotests/common +++ b/tests/qemu-iotests/common @@ -67,6 +67,8 @@ sortme=false expunge=true have_test_arg=false cachemode=false + +tmp="${TEST_DIR}"/$$ rm -f $tmp.list $tmp.tmp $tmp.sed export IMGFMT=raw
The variable is used in "common" but defined only after the file is sourced. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> --- tests/qemu-iotests/check | 2 -- tests/qemu-iotests/common | 2 ++ 2 files changed, 2 insertions(+), 2 deletions(-)