- correct insecure tempfile handling

From security-audit mailinglist through Gabriel Kihlman <gk@stacken.kth.se>
2000-10-13 07:25:39 +00:00 · 2000-10-13 07:25:39 +00:00 · da890773ef
commit da890773ef
parent 3865cc190e
1 changed files with 29 additions and 0 deletions
--- a/net/arpwatch/patches/patch-mktemp
+++ b/net/arpwatch/patches/patch-mktemp
@ -0,0 +1,29 @@
+$OpenBSD: patch-mktemp,v 1.1 2000/10/13 07:25:39 camield Exp $
+
+Correct insecure tempfile handling.
+
+--- report.c.orig	Wed Jul 29 07:16:46 1998
+++ report.c	Fri Oct 13 09:15:00 2000
+@@ -239,7 +239,7 @@
+     register u_char *e2, register time_t *t1p, register time_t *t2p)
+ {
+ 	register char *cp, *hn;
+-	register int pid;
+	register int fd, pid;
+ 	register FILE *f;
+ 	char tempfile[64], cpu[64], os[64];
+ 	char *fmt = "%20s: %s\n";
+@@ -286,8 +286,11 @@
+ 		/* Child */
+ 		closelog();
+ 		(void)strcpy(tempfile, "/tmp/arpwatch.XXXXXX");
+-		(void)mktemp(tempfile);
+-		if ((f = fopen(tempfile, "w+")) == NULL) {
+		if ((fd = mkstemp(tempfile)) == -1 || (f = fdopen(fd, "w+")) == NULL) {
+			if (fd != -1) {
+				unlink(tempfile);
+				close(fd);
+			}
+ 			syslog(LOG_ERR, "child open(%s): %m", tempfile);
+ 			exit(1);
+ 		}