Close security hole in tmpfile.
* libc/stdio/tmpfile.c (_tmpfile_r): Avoid window between filename generation and opening the fd. * libc/stdio64/tmpfile64.c (_tmpfile64_r): Likewise.
This commit is contained in:
Eric Blake
parent
895d76fed6
commit
d009633d30
|
|
@ -1,5 +1,10 @@
|
|||
2007-05-16 Eric Blake <ebb9@byu.net>
|
||||
|
||||
Close security hole in tmpfile.
|
||||
* libc/stdio/tmpfile.c (_tmpfile_r): Avoid window between filename
|
||||
generation and opening the fd.
|
||||
* libc/stdio64/tmpfile64.c (_tmpfile64_r): Likewise.
|
||||
|
||||
* libc/include/math.h (INFINITY, NAN, FP_ILOGB0, FP_ILOGBNAN)
|
||||
(MATH_ERRNO, MATH_ERREXCEPT, math_errhandling): Add macros
|
||||
required by POSIX.
|
||||
|
|
|
|||
|
|
@ -49,6 +49,11 @@ Supporting OS subroutines required: <<close>>, <<fstat>>, <<getpid>>,
|
|||
#include <reent.h>
|
||||
#include <stdio.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
|
||||
#ifndef O_BINARY
|
||||
# define O_BINARY 0
|
||||
#endif
|
||||
|
||||
FILE *
|
||||
_DEFUN(_tmpfile_r, (ptr),
|
||||
|
|
@ -58,11 +63,22 @@ _DEFUN(_tmpfile_r, (ptr),
|
|||
int e;
|
||||
char *f;
|
||||
char buf[L_tmpnam];
|
||||
int fd;
|
||||
|
||||
if ((f = _tmpnam_r (ptr, buf)) == NULL)
|
||||
do
|
||||
{
|
||||
if ((f = _tmpnam_r (ptr, buf)) == NULL)
|
||||
return NULL;
|
||||
fd = _open_r (ptr, f, O_RDWR | O_CREAT | O_EXCL | O_BINARY,
|
||||
S_IRUSR | S_IWUSR);
|
||||
}
|
||||
while (fd < 0 && ptr->_errno == EEXIST);
|
||||
if (fd < 0)
|
||||
return NULL;
|
||||
fp = _fopen_r (ptr, f, "wb+");
|
||||
fp = _fdopen_r (ptr, fd, "wb+");
|
||||
e = ptr->_errno;
|
||||
if (!fp)
|
||||
_close_r (ptr, fd);
|
||||
_CAST_VOID _remove_r (ptr, f);
|
||||
ptr->_errno = e;
|
||||
return fp;
|
||||
|
|
|
|||
|
|
@ -49,6 +49,11 @@ Supporting OS subroutines required: <<close>>, <<fstat>>, <<getpid>>,
|
|||
|
||||
#include <stdio.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
|
||||
#ifndef O_BINARY
|
||||
# define O_BINARY 0
|
||||
#endif
|
||||
|
||||
#ifdef __LARGE64_FILES
|
||||
|
||||
|
|
@ -60,11 +65,22 @@ _DEFUN (_tmpfile64_r, (ptr),
|
|||
int e;
|
||||
char *f;
|
||||
char buf[L_tmpnam];
|
||||
int fd;
|
||||
|
||||
if ((f = _tmpnam_r (ptr, buf)) == NULL)
|
||||
do
|
||||
{
|
||||
if ((f = _tmpnam_r (ptr, buf)) == NULL)
|
||||
return NULL;
|
||||
fd = _open64_r (ptr, f, O_RDWR | O_CREAT | O_EXCL | O_BINARY,
|
||||
S_IRUSR | S_IWUSR);
|
||||
}
|
||||
while (fd < 0 && ptr->_errno == EEXIST);
|
||||
if (fd < 0)
|
||||
return NULL;
|
||||
fp = _fopen64_r (ptr, (const char *)f, "wb+");
|
||||
fp = _fdopen64_r (ptr, fd, "wb+");
|
||||
e = ptr->_errno;
|
||||
if (!fp)
|
||||
_close_r (ptr, fd);
|
||||
_CAST_VOID _remove_r (ptr, f);
|
||||
ptr->_errno = e;
|
||||
return fp;
|
||||
|
|
@ -81,4 +97,3 @@ _DEFUN_VOID (tmpfile64)
|
|||
#endif
|
||||
|
||||
#endif /* __LARGE64_FILES */
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue