diff options
author | kris <kris@FreeBSD.org> | 2000-01-16 21:08:58 +0000 |
---|---|---|
committer | kris <kris@FreeBSD.org> | 2000-01-16 21:08:58 +0000 |
commit | 9861a8004bb87d233aa436f493dbcff888738257 (patch) | |
tree | 797b9812eb092c787932ab5f3182734e0147abe0 /sbin/ldconfig | |
parent | fb35998cf918637e001eab3ebc4e918f7e74f437 (diff) | |
download | FreeBSD-src-9861a8004bb87d233aa436f493dbcff888738257.zip FreeBSD-src-9861a8004bb87d233aa436f493dbcff888738257.tar.gz |
Fix insecure tempfile handling
Reviewed by: audit@freebsd.org
Diffstat (limited to 'sbin/ldconfig')
-rw-r--r-- | sbin/ldconfig/ldconfig.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/sbin/ldconfig/ldconfig.c b/sbin/ldconfig/ldconfig.c index 01bbe1f..07e5abc 100644 --- a/sbin/ldconfig/ldconfig.c +++ b/sbin/ldconfig/ldconfig.c @@ -465,17 +465,13 @@ buildhints() errx(1, "str_index(%d) != strtab_sz(%d)", str_index, strtab_sz); } - tmpfile = concat(hints_file, ".XXXXXX", ""); - if ((tmpfile = mktemp(tmpfile)) == NULL) { - warn("%s", tmpfile); - return -1; - } - + tmpfile = concat(hints_file, ".XXXXXXXXXX", ""); umask(0); /* Create with exact permissions */ - if ((fd = open(tmpfile, O_RDWR|O_CREAT|O_TRUNC, 0444)) == -1) { - warn("%s", hints_file); + if ((fd = mkstemp(tmpfile)) == -1) { + warn("%s", tmpfile); return -1; } + fchmod(fd, 0444); if (write(fd, &hdr, sizeof(struct hints_header)) != sizeof(struct hints_header)) { |