From 2c1380976a137f6dea42069da86488ca3f34345c Mon Sep 17 00:00:00 2001 From: hobbs Date: Thu, 29 Mar 2001 19:45:20 +0000 Subject: * unix/tclUnixPipe.c (TclpCreateTempFile): prevent potential race condition and security leak in tmp filename creation. (max) [Patch #402924] --- ChangeLog | 6 +++++- unix/tclUnixPipe.c | 9 +++++++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index a2ebd8f..cf3bd1f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,8 +1,12 @@ 2001-03-29 Jeff Hobbs + * unix/tclUnixPipe.c (TclpCreateTempFile): prevent potential race + condition and security leak in tmp filename creation. + (max) [Patch #402924] + * unix/configure: * unix/tcl.m4: corrected IRIX-5.x config to not use -n32. - (english) [Patch 403626] + (english) [Patch #403626] * unix/tclUnixThrd.c (Tcl_ConditionWait): fixed handling of timeout for threads (corrects excessive CPU usage issue for Tk on diff --git a/unix/tclUnixPipe.c b/unix/tclUnixPipe.c index 0b56333..bf5a005 100644 --- a/unix/tclUnixPipe.c +++ b/unix/tclUnixPipe.c @@ -10,7 +10,7 @@ * See the file "license.terms" for information on usage and redistribution * of this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tclUnixPipe.c,v 1.10 2000/09/06 18:46:13 hobbs Exp $ + * RCS: @(#) $Id: tclUnixPipe.c,v 1.11 2001/03/29 19:45:20 hobbs Exp $ */ #include "tclInt.h" @@ -186,10 +186,15 @@ TclpCreateTempFile(contents) Tcl_DString dstring; int fd; + /* + * Linux says we should use mkstemp, but Solaris prefers tmpnam. + * We should also check against making more then TMP_MAX of these. + */ + if (tmpnam(fileName) == NULL) { /* INTL: Native. */ return NULL; } - fd = open(fileName, O_RDWR|O_CREAT|O_TRUNC, 0666); /* INTL: Native. */ + fd = open(fileName, O_RDWR|O_CREAT|O_EXCL, 0666); /* INTL: Native. */ if (fd == -1) { return NULL; } -- cgit v0.12