From 4e1cc5f6dda22e9ff121d3753066775c25448bcc Mon Sep 17 00:00:00 2001 From: David Sommerseth Date: Fri, 16 Apr 2010 22:02:36 +0200 Subject: Harden create_temp_filename() (version 2) By hardening the create_temp_filename() function to check if the generated filename exists and to create the temp file with only S_IRUSR|S_IWUSR bit files set before calling the script, it should become even more difficult to exploit such a scenario. After a discussion on the mailing list, Fabian Knittel provided an enhanced version of the inital patch which is added to this patch. This patch also renames create_temp_filename() to create_temp_file(), as this patch also creates the temporary file. The function returns the filename of the created file, or NULL on error. Signed-off-by: David Sommerseth Signed-off-by: Fabian Knittel Acked-by: Gert Doering --- misc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'misc.h') diff --git a/misc.h b/misc.h index 328107d..d5ad774 100644 --- a/misc.h +++ b/misc.h @@ -218,8 +218,8 @@ long int get_random(void); /* return true if filename can be opened for read */ bool test_file (const char *filename); -/* create a temporary filename in directory */ -const char *create_temp_filename (const char *directory, const char *prefix, struct gc_arena *gc); +/* create a temporary file in directory, returns the filename of the created file */ +const char *create_temp_file (const char *directory, const char *prefix, struct gc_arena *gc); /* put a directory and filename together */ const char *gen_path (const char *directory, const char *filename, struct gc_arena *gc); -- cgit