From b4108a06977f82330a90556ab13b966e612c07bd Mon Sep 17 00:00:00 2001 From: kris Date: Thu, 26 Apr 2001 07:32:27 +0000 Subject: [PATCH] Use mkstemp() for secure tempfile creation instead of tempnam() Obtained from: OpenBSD Reviewed by: mikeh --- bin/pax/extern.h | 3 +++ bin/pax/pax.c | 25 +++++++++++++++++++++++++ bin/pax/pax.h | 1 + bin/pax/tables.c | 27 ++++++++++----------------- 4 files changed, 39 insertions(+), 17 deletions(-) diff --git a/bin/pax/extern.h b/bin/pax/extern.h index ff33e5bcdf0e..89a5840a5796 100644 --- a/bin/pax/extern.h +++ b/bin/pax/extern.h @@ -224,6 +224,9 @@ extern int exit_val; extern int docrc; extern char *dirptr; extern char *argv0; +extern char *tempfile; +extern char *tempbase; + int main __P((int, char **)); void sig_cleanup __P((int)); diff --git a/bin/pax/pax.c b/bin/pax/pax.c index 641d53fab0c7..5eb57eabc5ec 100644 --- a/bin/pax/pax.c +++ b/bin/pax/pax.c @@ -55,6 +55,7 @@ static const char rcsid[] = #include #include #include +#include #include #include #include @@ -96,6 +97,8 @@ int exit_val; /* exit value */ int docrc; /* check/create file crc */ char *dirptr; /* destination dir in a copy */ char *argv0; /* root of argv[0] */ +char *tempfile; /* tempfile to use for mkstemp(3) */ +char *tempbase; /* basename of tempfile to use for mkstemp(3) */ sigset_t s_mask; /* signal mask for cleanup critical sect */ /* 
@@ -228,7 +231,29 @@ main(argc, argv) char **argv; #endif { + char *tmpdir; + size_t tdlen; + (void) setlocale(LC_ALL, ""); + + /* + * Where should we put temporary files? + */ + if ((tmpdir = getenv("TMPDIR")) == NULL || *tmpdir == '\0') + tmpdir = _PATH_TMP; + tdlen = strlen(tmpdir); + while(tdlen > 0 && tmpdir[tdlen - 1] == '/') + tdlen--; + tempfile = malloc(tdlen + 1 + sizeof(_TFILE_BASE)); + if (tempfile == NULL) { + pax_warn(1, "Cannot allocate memory for temp file name."); + return(exit_val); + } + if (tdlen) + memcpy(tempfile, tmpdir, tdlen); + tempbase = tempfile + tdlen; + *tempbase++ = '/'; + /* * parse options, determine operational mode, general init */ diff --git a/bin/pax/pax.h b/bin/pax/pax.h index a87b359f14b2..3a8824b01517 100644 --- a/bin/pax/pax.h +++ b/bin/pax/pax.h @@ -237,3 +237,4 @@ typedef struct oplist { #define HEX 16 #define OCT 8 #define _PAX_ 1 +#define _TFILE_BASE "paxXXXXXXXXXX" diff --git a/bin/pax/tables.c b/bin/pax/tables.c index e6c106b83d58..d4c61c59f162 100644 --- a/bin/pax/tables.c +++ b/bin/pax/tables.c @@ -360,8 +360,6 @@ int ftime_start() #endif { - char *pt; - if (ftab != NULL) return(0); if ((ftab = (FTM **)calloc(F_TAB_SZ, sizeof(FTM *))) == NULL) { @@ -373,16 +371,14 @@ ftime_start() * get random name and create temporary scratch file, unlink name * so it will get removed on exit */ - if ((pt = tempnam((char *)NULL, (char *)NULL)) == NULL) - return(-1); - (void)unlink(pt); - - if ((ffd = open(pt, O_RDWR | O_CREAT, S_IRWXU)) < 0) { - sys_warn(1, errno, "Unable to open temporary file: %s", pt); + memcpy(tempbase, _TFILE_BASE, sizeof(_TFILE_BASE)); + if ((ffd = mkstemp(tempfile)) < 0) { + sys_warn(1, errno, "Unable to create temporary file: %s", + tempfile); return(-1); } + (void)unlink(tempfile); - (void)unlink(pt); return(0); } 
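Review bot: After this block in main(), `tempfile` holds only the directory and a '/' with no terminator, and nothing documents that the template is written later through `tempbase`. A comment such as `/* tempfile = "<dir>/" plus room for _TFILE_BASE; copy the template to tempbase before every mkstemp(), which rewrites it in place */` would stop a future caller from using the buffer while it is unterminated or already consumed. It is also worth stating that the allocation size relies on `sizeof(_TFILE_BASE)` counting the trailing NUL. On allocation failure `return(exit_val);` depends on pax_warn having set exit_val, which is not visible here; if it does not, pax exits 0, so confirm this or return a non-zero constant. main's body continues outside the hunk.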
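Review bot: When mkstemp() fails in ftime_start, `ftab` has already been set by the calloc shown in the previous hunk, so the guard `if (ftab != NULL) return(0);` would report success on a later call while `ffd` is still negative. The lines between the two hunks are not shown, so this is inferred from what is visible; if nothing resets the table, add `free(ftab); ftab = NULL;` before `return(-1);`. The warning also prints `tempfile` after mkstemp() has failed, when the template may have been altered, so the name shown may not match what was attempted.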
@@ -1210,22 +1206,19 @@ int dir_start() #endif { - char *pt; - if (dirfd != -1) return(0); - if ((pt = tempnam((char *)NULL, (char *)NULL)) == NULL) - return(-1); /* * unlink the file so it goes away at termination by itself */ - (void)unlink(pt); - if ((dirfd = open(pt, O_RDWR|O_CREAT, 0600)) >= 0) { - (void)unlink(pt); + memcpy(tempbase, _TFILE_BASE, sizeof(_TFILE_BASE)); + if ((dirfd = mkstemp(tempfile)) >= 0) { + (void)unlink(tempfile); return(0); } - pax_warn(1, "Unable to create temporary file for directory times: %s", pt); + pax_warn(1, "Unable to create temporary file for directory times: %s", + tempfile); return(-1); }
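Review bot: The failure branch of dir_start reports through `pax_warn`, so the reason mkstemp() failed is lost, while the same failure in ftime_start goes through `sys_warn(1, errno, ...)`. With the directory now taken from TMPDIR, errno is what tells the user whether the path is missing, unwritable or too long. Suggest `sys_warn(1, errno, "Unable to create temporary file for directory times: %s", tempfile);` here as well. The result of `(void)unlink(tempfile);` is discarded in both functions; if the unlink fails the scratch file stays behind in the temp directory, which may merit a warning.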