diff options
| author | Angel Guzman Maeso <shakaran@gmail.com> | 2013-08-27 21:29:01 +0200 |
|---|---|---|
| committer | David Kalnischkies <kalnischkies@gmail.com> | 2013-08-27 21:29:01 +0200 |
| commit | 7335eebea6dd43581d4650a8818b06383ab89901 (patch) | |
| tree | 043da39864bf345860068352cdff798f13ccfb04 | |
| parent | a5a5dd04bb1b4a5dd406cfe6c335b3965ee07f28 (diff) | |
replace usage of potential dangerous mktemp with mkstemp
Avoid the warning "the use of `mktemp' is dangerous,
better use `mkstemp' or `mkdtemp'". It is not strictly necessary to
change the usage from a security point of view here, but mktemp is
also removed from the standard since POSIX.1-2008.
The mkostemp call returns a file descriptor the logic for
TemporaryFileName has been changed accordingly to get the same results.
The file permissions are corrected by using fchmod() as the default for
FileFd is 666 while mkstemp creates files with 600 by default.
| -rw-r--r-- | apt-pkg/contrib/fileutl.cc | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 47a91c294..3eeef58cf 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -946,9 +946,6 @@ bool FileFd::Open(string FileName,unsigned int const Mode,APT::Configuration::Co if ((Mode & Atomic) == Atomic) { Flags |= Replace; - char *name = strdup((FileName + ".XXXXXX").c_str()); - TemporaryFileName = string(mktemp(name)); - free(name); } else if ((Mode & (Exclusive | Create)) == (Exclusive | Create)) { @@ -974,8 +971,25 @@ bool FileFd::Open(string FileName,unsigned int const Mode,APT::Configuration::Co else if_FLAGGED_SET(Atomic, O_EXCL); #undef if_FLAGGED_SET - if (TemporaryFileName.empty() == false) - iFd = open(TemporaryFileName.c_str(), fileflags, Perms); + if ((Mode & Atomic) == Atomic) + { + char *name = strdup((FileName + ".XXXXXX").c_str()); + + if((iFd = mkostemp(name, fileflags)) == -1) + { + free(name); + return FileFdErrno("mkostemp", "Could not create temporary file for %s", FileName.c_str()); + } + + TemporaryFileName = string(name); + + if(fchmod(iFd, Perms) == -1) + { + free(name); + return FileFdErrno("fchmod", "Could not assign permissions to temporary file %s with error %s", FileName.c_str(), strerror(errno)); + } + free(name); + } else iFd = open(FileName.c_str(), fileflags, Perms); |