Sophie

Sophie

distrib > Mageia > 7 > i586 > media > core-updates-src > by-pkgid > 213778f36f2d4d54f221a6a609e991d1 > files > 6

mirrordir-0.10.49-27.2.mga7.src.rpm

Mitigate the insecurity of tmpname() by using O_EXCL on creat

Index: mirrordir-0.10.49/vfs/vfs.c
===================================================================
--- mirrordir-0.10.49/vfs/vfs.c
+++ mirrordir-0.10.49/vfs/vfs.c	2015-10-26 20:56:37.760041683 +0000
@@ -1421,7 +1421,7 @@
     if (fdin == -1)
         return NULL;
     tmp = tmpnam(NULL);
-    fdout = creat (tmp, S_IWUSR | S_IRUSR);
+    fdout = creat (tmp, S_IWUSR | S_IRUSR | O_EXCL);
     if (fdout == -1) {
         mc_close (fdin);
         return NULL;

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional