Close security hole in tmpfile.

* libc/stdio/tmpfile.c (_tmpfile_r): Avoid window between filename
generation and opening the fd.
* libc/stdio64/tmpfile64.c (_tmpfile64_r): Likewise.
Eric Blake
2007-05-16 20:06:08 +00:00
parent 895d76fed6
commit d009633d30
3 changed files with 41 additions and 5 deletions


@@ -1,5 +1,10 @@
2007-05-16 Eric Blake <ebb9@byu.net> 2007-05-16 Eric Blake <ebb9@byu.net>
Close security hole in tmpfile.
* libc/stdio/tmpfile.c (_tmpfile_r): Avoid window between filename
generation and opening the fd.
* libc/stdio64/tmpfile64.c (_tmpfile64_r): Likewise.
* libc/include/math.h (INFINITY, NAN, FP_ILOGB0, FP_ILOGBNAN) * libc/include/math.h (INFINITY, NAN, FP_ILOGB0, FP_ILOGBNAN)
(MATH_ERRNO, MATH_ERREXCEPT, math_errhandling): Add macros (MATH_ERRNO, MATH_ERREXCEPT, math_errhandling): Add macros
required by POSIX. required by POSIX.


@@ -49,6 +49,11 @@ Supporting OS subroutines required: <<close>>, <<fstat>>, <<getpid>>,
#include <reent.h> #include <reent.h>
#include <stdio.h> #include <stdio.h>
#include <errno.h> #include <errno.h>
#include <fcntl.h>
#ifndef O_BINARY
# define O_BINARY 0
#endif
FILE * FILE *
_DEFUN(_tmpfile_r, (ptr), _DEFUN(_tmpfile_r, (ptr),
@@ -58,11 +63,22 @@ _DEFUN(_tmpfile_r, (ptr),
int e; int e;
char *f; char *f;
char buf[L_tmpnam]; char buf[L_tmpnam];
int fd;
do
{
if ((f = _tmpnam_r (ptr, buf)) == NULL) if ((f = _tmpnam_r (ptr, buf)) == NULL)
return NULL; return NULL;
fp = _fopen_r (ptr, f, "wb+"); fd = _open_r (ptr, f, O_RDWR | O_CREAT | O_EXCL | O_BINARY,
S_IRUSR | S_IWUSR);
}
while (fd < 0 && ptr->_errno == EEXIST);
if (fd < 0)
return NULL;
fp = _fdopen_r (ptr, fd, "wb+");
e = ptr->_errno; e = ptr->_errno;
if (!fp)
_close_r (ptr, fd);
_CAST_VOID _remove_r (ptr, f); _CAST_VOID _remove_r (ptr, f);
ptr->_errno = e; ptr->_errno = e;
return fp; return fp;
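Review bot: The new `_open_r` call in `_tmpfile_r` passes `S_IRUSR | S_IWUSR`, but the only header this section adds is `<fcntl.h>`, and those mode macros are normally declared by `<sys/stat.h>`. Whether `<fcntl.h>` pulls them in depends on the target's headers, which are not visible here, so a port that supplies its own `fcntl.h` could fail to build. I would add `#include <sys/stat.h>` next to the new `#include <fcntl.h>`; the tmpfile64.c section makes the same call with the same includes and needs the same line. The body of `_tmpfile_r` starts and ends outside the hunk.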


@@ -49,6 +49,11 @@ Supporting OS subroutines required: <<close>>, <<fstat>>, <<getpid>>,
#include <stdio.h> #include <stdio.h>
#include <errno.h> #include <errno.h>
#include <fcntl.h>
#ifndef O_BINARY
# define O_BINARY 0
#endif
#ifdef __LARGE64_FILES #ifdef __LARGE64_FILES
@@ -60,11 +65,22 @@ _DEFUN (_tmpfile64_r, (ptr),
int e; int e;
char *f; char *f;
char buf[L_tmpnam]; char buf[L_tmpnam];
int fd;
do
{
if ((f = _tmpnam_r (ptr, buf)) == NULL) if ((f = _tmpnam_r (ptr, buf)) == NULL)
return NULL; return NULL;
fp = _fopen64_r (ptr, (const char *)f, "wb+"); fd = _open64_r (ptr, f, O_RDWR | O_CREAT | O_EXCL | O_BINARY,
S_IRUSR | S_IWUSR);
}
while (fd < 0 && ptr->_errno == EEXIST);
if (fd < 0)
return NULL;
fp = _fdopen64_r (ptr, fd, "wb+");
e = ptr->_errno; e = ptr->_errno;
if (!fp)
_close_r (ptr, fd);
_CAST_VOID _remove_r (ptr, f); _CAST_VOID _remove_r (ptr, f);
ptr->_errno = e; ptr->_errno = e;
return fp; return fp;
@@ -81,4 +97,3 @@ _DEFUN_VOID (tmpfile64)
#endif #endif
#endif /* __LARGE64_FILES */ #endif /* __LARGE64_FILES */
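Review bot: The `do … while (fd < 0 && ptr->_errno == EEXIST)` loop in `_tmpfile64_r` carries no comment saying why the file is opened with `O_CREAT | O_EXCL` and why only `EEXIST` is retried, although that reasoning is the substance of the fix. I would put `/* O_EXCL makes creation atomic and fails on any existing name, so a file or link planted after _tmpnam_r picked the name is never opened; retry with a fresh name. */` above the `do`. The loop also has no upper bound and depends on `_tmpnam_r` returning a different name on each call, which cannot be confirmed from this page, so the comment should state that assumption or a retry cap should be considered. The same loop in libc/stdio/tmpfile.c would take the same comment.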