From 6fc8122490aacbeee8cf6ad7ed37819549e987c4 Mon Sep 17 00:00:00 2001 From: Karel Zak Date: Wed, 12 Dec 2012 13:32:52 +0100 Subject: libmount: make mkstemp() more robust [coverity scan] Signed-off-by: Karel Zak --- libmount/src/utils.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'libmount/src/utils.c') diff --git a/libmount/src/utils.c b/libmount/src/utils.c index d473bc499..325e1e9db 100644 --- a/libmount/src/utils.c +++ b/libmount/src/utils.c @@ -810,6 +810,7 @@ int mnt_open_uniq_filename(const char *filename, char **name) { int rc, fd; char *n; + mode_t oldmode; if (!filename) return -EINVAL; @@ -820,7 +821,14 @@ int mnt_open_uniq_filename(const char *filename, char **name) if (rc <= 0) return -errno; + /* This is for very old glibc and for compatibility with Posix where is + * nothing about mkstemp() mode. All sane glibc use secure mode (0600). + */ + oldmode = umask(S_IRGRP|S_IWGRP|S_IXGRP + S_IROTH|S_IWOTH|S_IXOTH) fd = mkstemp(n); + umask(oldmask); + if (fd >= 0 && name) *name = n; else -- cgit v1.2.3-55-g7522