d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix insecure tempfile handling

Browse Source 
Reviewed by:	audit@freebsd.org
This commit is contained in:
Kris Kennaway 2000-01-16 21:08:58 +00:00
parent e36de8f1b1
commit 16bd17ce2d
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=56125
1 changed files with 4 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
sbin/ldconfig/ldconfig.c
View File

@ -465,17 +465,13 @@ buildhints()
errx(1, "str_index(%d) != strtab_sz(%d)", str_index, strtab_sz);
}
tmpfile = concat(hints_file, ".XXXXXX", "");
if ((tmpfile = mktemp(tmpfile)) == NULL) {
tmpfile = concat(hints_file, ".XXXXXXXXXX", "");
umask(0); /* Create with exact permissions */
if ((fd = mkstemp(tmpfile)) == -1) {
warn("%s", tmpfile);
return -1;
}
umask(0); /* Create with exact permissions */
if ((fd = open(tmpfile, O_RDWR|O_CREAT|O_TRUNC, 0444)) == -1) {
warn("%s", hints_file);
return -1;
}
fchmod(fd, 0444);
if (write(fd, &hdr, sizeof(struct hints_header)) !=
sizeof(struct hints_header)) {