This is the mail archive of the
cluster-cvs@sourceware.org
mailing list for the cluster.
STABLE2 - ccs_tool: randomize temporary file
- From: "Fabio M. Di Nitto" <fabbione at fedoraproject dot org>
- To: cluster-cvs-relay at redhat dot com
- Date: Thu, 30 Oct 2008 12:22:37 +0000 (UTC)
- Subject: STABLE2 - ccs_tool: randomize temporary file
Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=7a798fa3bc2aa3cbea40ec91b326abd58fd738bd
Commit: 7a798fa3bc2aa3cbea40ec91b326abd58fd738bd
Parent: 5482f2c16e3a76d4dbdcf3477fc9627c4cb00807
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
AuthorDate: Thu Oct 30 13:21:38 2008 +0100
Committer: Fabio M. Di Nitto <fdinitto@redhat.com>
CommitterDate: Thu Oct 30 13:21:38 2008 +0100
ccs_tool: randomize temporary file
by using a static path to /tmp, the operation can be used to trigger
a local DoS by a normal user.
Switch to mkostemp(3).
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
---
ccs/ccs_tool/upgrade.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/ccs/ccs_tool/upgrade.c b/ccs/ccs_tool/upgrade.c
index a8a2314..b7cecf0 100644
--- a/ccs/ccs_tool/upgrade.c
+++ b/ccs/ccs_tool/upgrade.c
@@ -182,7 +182,7 @@ static void ccs_dh_in(ccs_dh_t *dh, char *buf){
static int upgrade_device_archive(char *location){
int error = 0;
int dev_fd=-1, tmp_fd=-1;
- char tmp_file[64];
+ char tmp_file[128];
void *buffer = NULL;
char *buffer_p;
ccs_dh_t dev_header;
@@ -220,9 +220,10 @@ static int upgrade_device_archive(char *location){
goto fail;
}
- sprintf(tmp_file, "/tmp/tmp_%d", getpid());
+ memset(tmp_file, 0, 128);
+ sprintf(tmp_file, "/tmp/ccs_tool_tmp_XXXXXX");
- tmp_fd = open(tmp_file, O_RDWR | O_CREAT |O_TRUNC, S_IRUSR|S_IWUSR);
+ tmp_fd = mkostemp(tmp_file, O_RDWR | O_CREAT |O_TRUNC);
if(tmp_fd < 0){
fprintf(stderr, "Unable to create temporary archive: %s\n", strerror(errno));
error = -errno;