- correct insecure tempfile handling

From security-audit mailinglist through
Gabriel Kihlman <gk@stacken.kth.se>

net/arpwatch/patches/patch-mktemp

@@ -0,0 +1,29 @@
+$OpenBSD: patch-mktemp,v 1.1 2000/10/13 07:25:39 camield Exp $
+
+Correct insecure tempfile handling.
+
+--- report.c.orig	Wed Jul 29 07:16:46 1998
++++ report.c	Fri Oct 13 09:15:00 2000
+@@ -239,7 +239,7 @@
+     register u_char *e2, register time_t *t1p, register time_t *t2p)
+ {
+ 	register char *cp, *hn;
+-	register int pid;
++	register int fd, pid;
+ 	register FILE *f;
+ 	char tempfile[64], cpu[64], os[64];
+ 	char *fmt = "%20s: %s\n";
+@@ -286,8 +286,11 @@
+ 		/* Child */
+ 		closelog();
+ 		(void)strcpy(tempfile, "/tmp/arpwatch.XXXXXX");
+-		(void)mktemp(tempfile);
+-		if ((f = fopen(tempfile, "w+")) == NULL) {
++		if ((fd = mkstemp(tempfile)) == -1 || (f = fdopen(fd, "w+")) == NULL) {
++			if (fd != -1) {
++				unlink(tempfile);
++				close(fd);
++			}
+ 			syslog(LOG_ERR, "child open(%s): %m", tempfile);
+ 			exit(1);
+ 		}