diff options
| author | hobbs <hobbs> | 2001-03-29 19:45:20 (GMT) |
|---|---|---|
| committer | hobbs <hobbs> | 2001-03-29 19:45:20 (GMT) |
| commit | 2c1380976a137f6dea42069da86488ca3f34345c (patch) | |
| tree | 5accbadf4b7dd60d58069f94309ef24579ea83ab /unix/tclUnixPipe.c | |
| parent | 5ac202571351170b56fce14788efeb4316590e8b (diff) | |
| download | tcl-2c1380976a137f6dea42069da86488ca3f34345c.zip tcl-2c1380976a137f6dea42069da86488ca3f34345c.tar.gz tcl-2c1380976a137f6dea42069da86488ca3f34345c.tar.bz2 | |
* unix/tclUnixPipe.c (TclpCreateTempFile): prevent potential race
condition and security leak in tmp filename creation.
(max) [Patch #402924]
Diffstat (limited to 'unix/tclUnixPipe.c')
| -rw-r--r-- | unix/tclUnixPipe.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/unix/tclUnixPipe.c b/unix/tclUnixPipe.c index 0b56333..bf5a005 100644 --- a/unix/tclUnixPipe.c +++ b/unix/tclUnixPipe.c @@ -10,7 +10,7 @@ * See the file "license.terms" for information on usage and redistribution * of this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tclUnixPipe.c,v 1.10 2000/09/06 18:46:13 hobbs Exp $ + * RCS: @(#) $Id: tclUnixPipe.c,v 1.11 2001/03/29 19:45:20 hobbs Exp $ */ #include "tclInt.h" @@ -186,10 +186,15 @@ TclpCreateTempFile(contents) Tcl_DString dstring; int fd; + /* + * Linux says we should use mkstemp, but Solaris prefers tmpnam. + * We should also check against making more then TMP_MAX of these. + */ + if (tmpnam(fileName) == NULL) { /* INTL: Native. */ return NULL; } - fd = open(fileName, O_RDWR|O_CREAT|O_TRUNC, 0666); /* INTL: Native. */ + fd = open(fileName, O_RDWR|O_CREAT|O_EXCL, 0666); /* INTL: Native. */ if (fd == -1) { return NULL; } |