diff options
author | Kris Kennaway <kris@FreeBSD.org> | 2000-01-16 21:08:58 +0000 |
---|---|---|
committer | Kris Kennaway <kris@FreeBSD.org> | 2000-01-16 21:08:58 +0000 |
commit | 16bd17ce2d680932e8bbaa2fcef288c0046ea146 (patch) | |
tree | d3c16ac70a6cec8ad7780920adc78fad166e91db | |
parent | e36de8f1b150b8f51b65eff17a01cd8a136b1cce (diff) | |
download | src-16bd17ce2d680932e8bbaa2fcef288c0046ea146.tar.gz src-16bd17ce2d680932e8bbaa2fcef288c0046ea146.zip |
Fix insecure tempfile handling
Reviewed by: audit@freebsd.org
Notes
Notes:
svn path=/head/; revision=56125
-rw-r--r-- | sbin/ldconfig/ldconfig.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/sbin/ldconfig/ldconfig.c b/sbin/ldconfig/ldconfig.c index 01bbe1f5d596..07e5abcfa584 100644 --- a/sbin/ldconfig/ldconfig.c +++ b/sbin/ldconfig/ldconfig.c @@ -465,17 +465,13 @@ buildhints() errx(1, "str_index(%d) != strtab_sz(%d)", str_index, strtab_sz); } - tmpfile = concat(hints_file, ".XXXXXX", ""); - if ((tmpfile = mktemp(tmpfile)) == NULL) { - warn("%s", tmpfile); - return -1; - } - + tmpfile = concat(hints_file, ".XXXXXXXXXX", ""); umask(0); /* Create with exact permissions */ - if ((fd = open(tmpfile, O_RDWR|O_CREAT|O_TRUNC, 0444)) == -1) { - warn("%s", hints_file); + if ((fd = mkstemp(tmpfile)) == -1) { + warn("%s", tmpfile); return -1; } + fchmod(fd, 0444); if (write(fd, &hdr, sizeof(struct hints_header)) != sizeof(struct hints_header)) { |