Close security hole in tmpfile.
* libc/stdio/tmpfile.c (_tmpfile_r): Avoid window between filename generation and opening the fd. * libc/stdio64/tmpfile64.c (_tmpfile64_r): Likewise.
		| @@ -1,5 +1,10 @@ | |||||||
| 2007-05-16  Eric Blake  <ebb9@byu.net> | 2007-05-16  Eric Blake  <ebb9@byu.net> | ||||||
|  |  | ||||||
|  | 	Close security hole in tmpfile. | ||||||
|  | 	* libc/stdio/tmpfile.c (_tmpfile_r): Avoid window between filename | ||||||
|  | 	generation and opening the fd. | ||||||
|  | 	* libc/stdio64/tmpfile64.c (_tmpfile64_r): Likewise. | ||||||
|  |  | ||||||
| 	* libc/include/math.h (INFINITY, NAN, FP_ILOGB0, FP_ILOGBNAN) | 	* libc/include/math.h (INFINITY, NAN, FP_ILOGB0, FP_ILOGBNAN) | ||||||
| 	(MATH_ERRNO, MATH_ERREXCEPT, math_errhandling): Add macros | 	(MATH_ERRNO, MATH_ERREXCEPT, math_errhandling): Add macros | ||||||
| 	required by POSIX. | 	required by POSIX. | ||||||
|   | |||||||
| @@ -49,6 +49,11 @@ Supporting OS subroutines required: <<close>>, <<fstat>>, <<getpid>>, | |||||||
| #include <reent.h> | #include <reent.h> | ||||||
| #include <stdio.h> | #include <stdio.h> | ||||||
| #include <errno.h> | #include <errno.h> | ||||||
|  | #include <fcntl.h> | ||||||
|  |  | ||||||
|  | #ifndef O_BINARY | ||||||
|  | # define O_BINARY 0 | ||||||
|  | #endif | ||||||
|  |  | ||||||
| FILE * | FILE * | ||||||
| _DEFUN(_tmpfile_r, (ptr), | _DEFUN(_tmpfile_r, (ptr), | ||||||
| @@ -58,11 +63,22 @@ _DEFUN(_tmpfile_r, (ptr), | |||||||
|   int e; |   int e; | ||||||
|   char *f; |   char *f; | ||||||
|   char buf[L_tmpnam]; |   char buf[L_tmpnam]; | ||||||
|  |   int fd; | ||||||
|  |  | ||||||
|  |   do | ||||||
|  |     { | ||||||
|       if ((f = _tmpnam_r (ptr, buf)) == NULL) |       if ((f = _tmpnam_r (ptr, buf)) == NULL) | ||||||
| 	return NULL; | 	return NULL; | ||||||
|   fp = _fopen_r (ptr, f, "wb+"); |       fd = _open_r (ptr, f, O_RDWR | O_CREAT | O_EXCL | O_BINARY, | ||||||
|  | 		    S_IRUSR | S_IWUSR); | ||||||
|  |     } | ||||||
|  |   while (fd < 0 && ptr->_errno == EEXIST); | ||||||
|  |   if (fd < 0) | ||||||
|  |     return NULL; | ||||||
|  |   fp = _fdopen_r (ptr, fd, "wb+"); | ||||||
|   e = ptr->_errno; |   e = ptr->_errno; | ||||||
|  |   if (!fp) | ||||||
|  |     _close_r (ptr, fd); | ||||||
|   _CAST_VOID _remove_r (ptr, f); |   _CAST_VOID _remove_r (ptr, f); | ||||||
|   ptr->_errno = e; |   ptr->_errno = e; | ||||||
|   return fp; |   return fp; | ||||||
|   | |||||||
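Review bot: `S_IRUSR | S_IWUSR` in the new `_open_r` call are declared in `<sys/stat.h>`, but the includes visible in this section add only `<fcntl.h>`, so the file appears to compile only where `<fcntl.h>` happens to pull in the mode bits. Adding `#include <sys/stat.h>` next to it makes the dependency explicit, and the same applies to the `_open64_r` call in tmpfile64.c. Separately, the `do … while (fd < 0 && ptr->_errno == EEXIST)` loop in both files stops only when the open fails for another reason or `_tmpnam_r` returns NULL. `_tmpnam_r` is not shown here, so if it never gives up, a temp directory in which every generated name already exists would keep the caller spinning; a bounded attempt count (for example against `TMP_MAX`) or a comment stating that `_tmpnam_r` guarantees termination would settle it. The body of `_tmpfile_r` starts above the hunk.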
| @@ -49,6 +49,11 @@ Supporting OS subroutines required: <<close>>, <<fstat>>, <<getpid>>, | |||||||
|  |  | ||||||
| #include <stdio.h> | #include <stdio.h> | ||||||
| #include <errno.h> | #include <errno.h> | ||||||
|  | #include <fcntl.h> | ||||||
|  |  | ||||||
|  | #ifndef O_BINARY | ||||||
|  | # define O_BINARY 0 | ||||||
|  | #endif | ||||||
|  |  | ||||||
| #ifdef __LARGE64_FILES | #ifdef __LARGE64_FILES | ||||||
|  |  | ||||||
| @@ -60,11 +65,22 @@ _DEFUN (_tmpfile64_r, (ptr), | |||||||
|   int e; |   int e; | ||||||
|   char *f; |   char *f; | ||||||
|   char buf[L_tmpnam]; |   char buf[L_tmpnam]; | ||||||
|  |   int fd; | ||||||
|  |  | ||||||
|  |   do | ||||||
|  |   { | ||||||
|      if ((f = _tmpnam_r (ptr, buf)) == NULL) |      if ((f = _tmpnam_r (ptr, buf)) == NULL) | ||||||
| 	return NULL; | 	return NULL; | ||||||
|   fp = _fopen64_r (ptr, (const char *)f, "wb+"); |       fd = _open64_r (ptr, f, O_RDWR | O_CREAT | O_EXCL | O_BINARY, | ||||||
|  | 		      S_IRUSR | S_IWUSR); | ||||||
|  |   } | ||||||
|  |   while (fd < 0 && ptr->_errno == EEXIST); | ||||||
|  |   if (fd < 0) | ||||||
|  |     return NULL; | ||||||
|  |   fp = _fdopen64_r (ptr, fd, "wb+"); | ||||||
|   e = ptr->_errno; |   e = ptr->_errno; | ||||||
|  |   if (!fp) | ||||||
|  |     _close_r (ptr, fd); | ||||||
|   _CAST_VOID _remove_r (ptr, f); |   _CAST_VOID _remove_r (ptr, f); | ||||||
|   ptr->_errno = e; |   ptr->_errno = e; | ||||||
|   return fp; |   return fp; | ||||||
| @@ -81,4 +97,3 @@ _DEFUN_VOID (tmpfile64) | |||||||
| #endif | #endif | ||||||
|  |  | ||||||
| #endif /* __LARGE64_FILES */ | #endif /* __LARGE64_FILES */ | ||||||
|  |  | ||||||
|   | |||||||
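Review bot: The new `do` block in `_tmpfile64_r` is indented differently from the one added to `_tmpfile_r`: the braces sit at the `do` column, and the `_tmpnam_r` test is at five columns while the `_open64_r` call is at six, at least as rendered on this page. Matching the other file (`    {` / `    }` with the body at six columns) keeps the two copies easy to diff against each other, which matters because they have to be kept in sync for fixes like this one. The opening lines of the function are outside the hunk.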