mirror of
https://github.com/rkd77/elinks.git
synced 2024-09-29 03:17:53 -04:00
Secure file saving: restore umask after _all_ failure conditions
The secure file saving code plays some shenanigans with the umask.
Previously, the code could fail to restore the old umask when certain libc
calls failed: malloc, mkstemp, fdopen, and fopen. This resulted in
unrelated code creating files with the wrong umode. Specifically, the
download code's automatic directory creation was creating directories
without the execute permission bit.
Thanks to Quiznos for reporting and helping to track the problem down.
[ Backported from commit 7f0fb0440c
in
ELinks 0.12.GIT. The general download code in 0.11.2.GIT does not
automatically create directories but the BitTorrent code does. --KON ]
This commit is contained in:
parent
452d4c0f61
commit
40f5e23fb0
@ -69,9 +69,8 @@ enum secsave_errno secsave_errno = SS_ERR_NONE;
|
||||
/* Open a file for writing in a secure way. It returns a pointer to a structure
|
||||
* secure_save_info on success, or NULL on failure. */
|
||||
static struct secure_save_info *
|
||||
secure_open_umask(unsigned char *file_name, mode_t mask)
|
||||
secure_open_umask(unsigned char *file_name)
|
||||
{
|
||||
mode_t saved_mask;
|
||||
struct stat st;
|
||||
struct secure_save_info *ssi;
|
||||
|
||||
@ -144,8 +143,6 @@ secure_open_umask(unsigned char *file_name, mode_t mask)
|
||||
}
|
||||
}
|
||||
|
||||
saved_mask = umask(mask);
|
||||
|
||||
if (ssi->secure_save) {
|
||||
/* We use a random name for temporary file, mkstemp() opens
|
||||
* the file and return a file descriptor named fd, which is
|
||||
@ -187,8 +184,6 @@ secure_open_umask(unsigned char *file_name, mode_t mask)
|
||||
}
|
||||
}
|
||||
|
||||
umask(saved_mask);
|
||||
|
||||
return ssi;
|
||||
|
||||
free_file_name:
|
||||
@ -206,7 +201,15 @@ end:
|
||||
struct secure_save_info *
|
||||
secure_open(unsigned char *file_name)
|
||||
{
|
||||
return secure_open_umask(file_name, S_IXUSR | S_IRWXG | S_IRWXO);
|
||||
struct secure_save_info *ssi;
|
||||
mode_t saved_mask;
|
||||
const mode_t mask = S_IXUSR | S_IRWXG | S_IRWXO;
|
||||
|
||||
saved_mask = umask(mask);
|
||||
ssi = secure_open_umask(file_name);
|
||||
umask(saved_mask);
|
||||
|
||||
return ssi;
|
||||
}
|
||||
|
||||
/* Close a file opened with secure_open, and return 0 on success, errno
|
||||
|
Loading…
Reference in New Issue
Block a user