util/nvmutil: more secure tmpdir()

use stat instead of access (race conditions) Signed-off-by: Leah Rowe <leah@libreboot.org>
author: Leah Rowe <leah@libreboot.org> 2026-03-16 16:19:27 +0000
committer: Leah Rowe <leah@libreboot.org> 2026-03-16 16:19:27 +0000
commit: a261bab075eeca06c98522ee860e8d19962149f0 (patch)
tree: b8b5a5c546d328dae4e1a38e0380444d3254f352
parent: bc2cf249930e4d0edbd69f494d94e6a84210f467 (diff)
1 files changed, 7 insertions, 4 deletions
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index 25953de5..96948f09 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -3088,15 +3088,18 @@ static char *
 x_c_tmpdir(void)
 {
 	char *t;
+	struct stat st;
 
 	t = getenv("TMPDIR");
-	if (t && *t)
-		return t;
+	if (t && *t) {
+		if (stat(t, &st) == 0 && S_ISDIR(st.st_mode))
+			return t;
+	}
 
-	if (access("/tmp", W_OK) == 0)
+	if (stat("/tmp", &st) == 0 && S_ISDIR(st.st_mode))
 		return "/tmp";
 
-	if (access("/var/tmp", W_OK) == 0)
+	if (stat("/var/tmp", &st) == 0 && S_ISDIR(st.st_mode))
 		return "/var/tmp";
 
 	return ".";
author	Leah Rowe <leah@libreboot.org>	2026-03-16 16:19:27 +0000
committer	Leah Rowe <leah@libreboot.org>	2026-03-16 16:19:27 +0000
commit	a261bab075eeca06c98522ee860e8d19962149f0 (patch)
tree	b8b5a5c546d328dae4e1a38e0380444d3254f352
parent	bc2cf249930e4d0edbd69f494d94e6a84210f467 (diff)