From 4840d5e3f77199f737f180b67b939f35a9dbaa7e Mon Sep 17 00:00:00 2001 From: Francesco Chemolli Date: Fri, 15 Feb 2013 19:28:01 -0700 Subject: [PATCH] Fix coverity scan issue 740457: unsecure temporary file creation --- src/tools.cc | 34 ++++++++++++++++------------------ 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/src/tools.cc b/src/tools.cc index ad9f20ad35..68756ee736 100644 --- a/src/tools.cc +++ b/src/tools.cc @@ -114,28 +114,27 @@ mail_warranty(void) { FILE *fp = NULL; static char command[256]; -#if HAVE_MKSTEMP + const mode_t prev_umask=umask(S_IRWXU); + +#if HAVE_MKSTEMP char filename[] = "/tmp/squid-XXXXXX"; int tfd = mkstemp(filename); - - if (tfd < 0) - return; - - if ((fp = fdopen(tfd, "w")) == NULL) + if (tfd < 0 || (fp = fdopen(tfd, "w")) == NULL) { + umask(prev_umask); return; - + } #else - char *filename; - - if ((filename = tempnam(NULL, APP_SHORTNAME)) == NULL) + // XXX tempnam is obsolete since POSIX.2008-1 + // tmpfile is not an option, we want the created files to stick around + if ((filename = tempnam(NULL, APP_SHORTNAME)) == NULL || + (fp = fopen(filename, "w")) == NULL) { + umask(prev_umask); return; - - if ((fp = fopen(filename, "w")) == NULL) - return; - + } #endif + umask(prev_umask); if (Config.EmailFrom) fprintf(fp, "From: %s\n", Config.EmailFrom); @@ -143,16 +142,15 @@ mail_warranty(void) fprintf(fp, "From: %s@%s\n", APP_SHORTNAME, uniqueHostname()); fprintf(fp, "To: %s\n", Config.adminEmail); - fprintf(fp, "Subject: %s\n", dead_msg()); - fclose(fp); snprintf(command, 256, "%s %s < %s", Config.EmailProgram, Config.adminEmail, filename); - if (system(command)) {} /* XXX should avoid system(3) */ - unlink(filename); +#if !HAVE_MKSTEMP + xfree(filename); // tempnam() requires us to free its allocation +#endif } void -- 2.39.2