5 files changed, 21 insertions, 22 deletions

diff --git a/ChangeLog.d/bugfix/ZBX-16960 b/ChangeLog.d/bugfix/ZBX-16960
new file mode 100644
index 00000000000..661ad7f608e
--- /dev/null
+++ b/ChangeLog.d/bugfix/ZBX-16960
@@ -0,0 +1 @@
+...G...PS. [ZBX-16960,ZBX-16961,ZBX-16964] fixed time of check - time of use issues reported by coverity (atumilovics)
diff --git a/include/zbxtypes.h b/include/zbxtypes.h
index 230c898d3a5..e4d39f5d412 100644
--- a/include/zbxtypes.h
+++ b/include/zbxtypes.h
@@ -45,6 +45,7 @@
 #	include <strsafe.h>
 
 #	define zbx_stat(path, buf)		__zbx_stat(path, buf)
+#	define zbx_fstat(fd, buf)		_fstat64(fd, buf)
 
 #	ifndef __UINT64_C
 #		define __UINT64_C(x)	x
@@ -81,6 +82,7 @@ typedef __int64	zbx_offset_t;
 
 #else	/* _WINDOWS */
 #	define zbx_stat(path, buf)		stat(path, buf)
+#	define zbx_fstat(fd, buf)		fstat(fd, buf)
 
 #	ifndef __UINT64_C
 #		ifdef UINT64_C
diff --git a/src/libs/zbxnix/pid.c b/src/libs/zbxnix/pid.c
index 8f9a6153b5a..7a3e11a5b32 100644
--- a/src/libs/zbxnix/pid.c
+++ b/src/libs/zbxnix/pid.c
@@ -37,15 +37,9 @@ int	create_pid_file(const char *pidfile)
 	fl.l_pid = getpid();
 
 	/* check if pid file already exists */
-	if (0 == zbx_stat(pidfile, &buf))
+	if (-1 != (fd = open(pidfile, O_WRONLY | O_APPEND)))
 	{
-		if (-1 == (fd = open(pidfile, O_WRONLY | O_APPEND)))
-		{
-			zbx_error("cannot open PID file [%s]: %s", pidfile, zbx_strerror(errno));
-			return FAIL;
-		}
-
-		if (-1 == fcntl(fd, F_SETLK, &fl))
+		if (0 == zbx_fstat(fd, &buf) && -1 == fcntl(fd, F_SETLK, &fl))
 		{
 			close(fd);
 			zbx_error("Is this process already running? Could not lock PID file [%s]: %s",
diff --git a/src/libs/zbxsysinfo/common/file.c b/src/libs/zbxsysinfo/common/file.c
index 43ec106b4eb..52e4c0099bb 100644
--- a/src/libs/zbxsysinfo/common/file.c
+++ b/src/libs/zbxsysinfo/common/file.c
@@ -176,9 +176,9 @@ int	VFS_FILE_CONTENTS(AGENT_REQUEST *request, AGENT_RESULT *result)
 		goto err;
 	}
 
-	if (0 != zbx_stat(filename, &stat_buf))
+	if (-1 == (f = zbx_open(filename, O_RDONLY)))
 	{
-		SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Cannot obtain file information: %s", zbx_strerror(errno)));
+		SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Cannot open file: %s", zbx_strerror(errno)));
 		goto err;
 	}
 
@@ -188,15 +188,15 @@ int	VFS_FILE_CONTENTS(AGENT_REQUEST *request, AGENT_RESULT *result)
 		goto err;
 	}
 
-	if (ZBX_MAX_DB_FILE_SIZE < stat_buf.st_size)
+	if (0 != zbx_fstat(f, &stat_buf))
 	{
-		SET_MSG_RESULT(result, zbx_strdup(NULL, "File is too large for this check."));
+		SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Cannot obtain file information: %s", zbx_strerror(errno)));
 		goto err;
 	}
 
-	if (-1 == (f = zbx_open(filename, O_RDONLY)))
+	if (ZBX_MAX_DB_FILE_SIZE < stat_buf.st_size)
 	{
-		SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Cannot open file: %s", zbx_strerror(errno)));
+		SET_MSG_RESULT(result, zbx_strdup(NULL, "File is too large for this check."));
 		goto err;
 	}
 
diff --git a/src/zabbix_server/snmptrapper/snmptrapper.c b/src/zabbix_server/snmptrapper/snmptrapper.c
index c2840850796..d9ebbb0a598 100644
--- a/src/zabbix_server/snmptrapper/snmptrapper.c
+++ b/src/zabbix_server/snmptrapper/snmptrapper.c
@@ -502,14 +502,6 @@ static int	open_trap_file(void)
 	zbx_stat_t	file_buf;
 	char		*error = NULL;
 
-	if (0 != zbx_stat(CONFIG_SNMPTRAP_FILE, &file_buf))
-	{
-		error = zbx_dsprintf(error, "cannot stat SNMP trapper file \"%s\": %s", CONFIG_SNMPTRAP_FILE,
-				zbx_strerror(errno));
-		delay_trap_logs(error, LOG_LEVEL_CRIT);
-		goto out;
-	}
-
 	if (-1 == (trap_fd = open(CONFIG_SNMPTRAP_FILE, O_RDONLY)))
 	{
 		if (ENOENT != errno)	/* file exists but cannot be opened */
@@ -521,6 +513,16 @@ static int	open_trap_file(void)
 		goto out;
 	}
 
+	if (0 != zbx_fstat(trap_fd, &file_buf))
+	{
+		error = zbx_dsprintf(error, "cannot stat SNMP trapper file \"%s\": %s", CONFIG_SNMPTRAP_FILE,
+				zbx_strerror(errno));
+		delay_trap_logs(error, LOG_LEVEL_CRIT);
+		close(trap_fd);
+		trap_fd = -1;
+		goto out;
+	}
+
 	trap_ino = file_buf.st_ino;	/* a new file was opened */
 out:
 	zbx_free(error);