From 6cf7d837ee7e392ee047aee4f45132f4176b7493 Mon Sep 17 00:00:00 2001
From: Christian Marangi <ansuelsmth@gmail.com>
Date: Mon, 22 Jan 2024 01:13:11 +0100
Subject: [PATCH] kmodloader: fix TOCTOU problem with scan_builtin_modules

Fix TOCTOU problem with scan_builtin_modules by opening the file pointer
only once in module_folders scan.

Fix Coverity Report CID 1586645:  Security best practices violations
(TOCTOU).

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
---
 kmodloader.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/kmodloader.c b/kmodloader.c
index 43105b3..3736942 100644
--- a/kmodloader.c
+++ b/kmodloader.c
@@ -502,11 +502,16 @@ static int scan_builtin_modules(void)
 		return -1;
 	for (p = module_folders; *p; p++) {
 		snprintf(path, sizeof(path), "%s%s", *p, MOD_BUILTIN);
-		if (!stat(path, &st) && S_ISREG(st.st_mode)) {
-			fp = fopen(path, "r");
-			if (fp)
-				break;
-		}
+		fp = fopen(path, "r");
+		if (!fp)
+			continue;
+
+		if (!fstat(fileno(fp), &st) && S_ISREG(st.st_mode))
+			break;
+
+		/* Not regular file, close it and check next */
+		fclose(fp);
+		fp = NULL;
 	}
 	if (!fp)
 		return 0;	/* OK if modules.builtin unavailable */
-- 
2.30.2