author | Mark Shannon <mark@hotpy.org> | 2021-12-16 15:56:01 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-12-16 15:56:01 (GMT) |
commit | 86f42851c050d756679ae7797f8720adaef381c4 (patch) | |
tree | 3b5098a4d2d8c7c74185de7500b951eec3e4d15a /Python | |
parent | 30322c497e0b8d978f7a0de95985aac9c5daf1ac (diff) | |
download | cpython-86f42851c050d756679ae7797f8720adaef381c4.zip cpython-86f42851c050d756679ae7797f8720adaef381c4.tar.gz cpython-86f42851c050d756679ae7797f8720adaef381c4.tar.bz2 |
Better randomization of stats filenames. (GH-30145)
Diffstat (limited to 'Python')
-rw-r--r-- | Python/specialize.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/Python/specialize.c b/Python/specialize.c
index 730e2f0..1f168e3 100644
--- a/Python/specialize.c
+++ b/Python/specialize.c
@@ -167,8 +167,20 @@ _Py_PrintSpecializationStats(int to_file)
 # else
 const char *dirname = "/tmp/py_stats/";
 # endif
- char buf[48];
- sprintf(buf, "%s%u_%u.txt", dirname, (unsigned)clock(), (unsigned)rand());
+ /* Use random 160 bit number as file name,
+ * to avoid both accidental collisions and
+ * symlink attacks. */
+ unsigned char rand[20];
+ char hex_name[41];
+ _PyOS_URandomNonblock(rand, 20);
+ for (int i = 0; i < 20; i++) {
+ hex_name[2*i] = "0123456789abcdef"[rand[i]&15];
+ hex_name[2*i+1] = "0123456789abcdef"[(rand[i]>>4)&15];
+ }
+ hex_name[40] = '\0';
+ char buf[64];
+ assert(strlen(dirname) + 40 + strlen(".txt") < 64);
+ sprintf(buf, "%s%s.txt", dirname, hex_name);
 FILE *fout = fopen(buf, "w");
 if (fout) {
 out = fout; |
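Review bot: The return value of `_PyOS_URandomNonblock(rand, 20)` is not checked; it can fail and return -1 with an exception set, in which case `rand` stays uninitialized, the loop builds a filename from indeterminate bytes, and the pending exception leaks into the caller. Guard it and skip the file path, e.g. `if (_PyOS_URandomNonblock(rand, sizeof rand) < 0) { PyErr_Clear(); return; }` — or fall through to the default stream instead of returning, if the rest of `_Py_PrintSpecializationStats` (which continues outside the hunk) still prints to `out`. The comment's "symlink attacks" claim rests only on the name being unguessable, since `fopen(buf, "w")` follows a pre-existing symlink; creating the file with `open(buf, O_WRONLY | O_CREAT | O_EXCL, 0644)` and `fdopen` would enforce the guarantee rather than rely on entropy. Naming the byte buffer `rand` also shadows libc `rand()` and may trip `-Wshadow`; `rand_bytes` reads cleaner.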