Fix potential rename(3) across file systems

Make sure the temporary file in the `config_write` function is created
on the same file system as the file we `rename` it to later.

src/lib-config/write.c

@@ -302,15 +302,21 @@ int config_write(CONFIG_REC *rec, const char *fname, int create_mode)
 	int ret;
 	int fd;
 	int save_errno;
-	char *tmp_name;
+	char *tmp_name = NULL;
-	const char *dest_name;
+	char *dest_name = NULL;
-	char *real_dest = NULL;
 
 	g_return_val_if_fail(rec != NULL, -1);
         g_return_val_if_fail(fname != NULL || rec->fname != NULL, -1);
         g_return_val_if_fail(create_mode != -1 || rec->create_mode != -1, -1);
 
-	dest_name = fname != NULL ? fname : rec->fname;
+	/* expand all symlinks; else we may replace a symlink with a regular file */
+	dest_name = realpath(fname != NULL ? fname : rec->fname, NULL);
+	if (dest_name == NULL) {
+		config_error(rec, g_strerror(errno));
+		ret = -1;
+		goto out;
+	}
+
 	tmp_name = g_strdup_printf("%s.XXXXXX", dest_name);
 
 	fd = g_mkstemp_full(tmp_name,
@@ -350,15 +356,7 @@ int config_write(CONFIG_REC *rec, const char *fname, int create_mode)
 	g_io_channel_unref(rec->handle);
 	rec->handle = NULL;
 
-	/* expand all symlinks; else we may replace a symlink with a regular file */
+	if (rename(tmp_name, dest_name) == -1) {
-	real_dest = realpath(dest_name, NULL);
-	if (real_dest == NULL) {
-		unlink(tmp_name);
-		config_error(rec, g_strerror(errno));
-		goto out;
-	}
-
-	if (rename(tmp_name, real_dest) == -1) {
 		unlink(tmp_name);
 		config_error(rec, g_strerror(errno));
 		goto out;
@@ -371,7 +369,7 @@ out:
 	}
 
 	g_free(tmp_name);
-	g_free(real_dest);
+	g_free(dest_name);
 
 	return ret;
 }