Temp files could not be created in some sandboxed applications (rdar://37789645)

cups/tempfile.c:
- Use confstr to get the user temp dir when TMPDIR isn't set or we are not
  being run from cupsd.

diff --git a/CHANGES.md b/CHANGES.md
index 3c74c2133990fa303a64f4481ec9fbef6719cab1..b860bbdfd250f7be4edbbdcec623137a07cc159f 100644 (file)
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,4 +1,4 @@
-CHANGES - 2.3rc1 - 2018-02-20
+CHANGES - 2.3rc1 - 2018-02-22
 =============================
 
 Changes in CUPS v2.3rc1
@@ -10,6 +10,8 @@ Changes in CUPS v2.3rc1
   print queues like those shared by CUPS 1.3 and earlier (Issue #5241)
 - The IPP backend did not properly detect failed PDF prints (rdar://34055474)
 - TLS connections now properly timeout (rdar://34938533)
+- Temp files could not be created in some sandboxed applications
+  (rdar://37789645)
 - Documentation fixes (Issue #5252)
 
 

diff --git a/cups/tempfile.c b/cups/tempfile.c
index cd887f901e830bec194ce5281e917efc1998a495..97972bd829bcc65cc7c4279f491b3f85beceb23d 100644 (file)
--- a/cups/tempfile.c
+++ b/cups/tempfile.c
@@ -1,10 +1,11 @@
 /*
  * Temp file utilities for CUPS.
  *
- * Copyright 2007-2014 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2018 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*
@@ -36,8 +37,10 @@ cupsTempFd(char *filename,           /* I - Pointer to buffer */
   int          fd;                     /* File descriptor for temp file */
   int          tries;                  /* Number of tries */
   const char   *tmpdir;                /* TMPDIR environment var */
+#if defined(__APPLE__) || defined(WIN32)
+  char         tmppath[1024];          /* Temporary directory */
+#endif /* __APPLE__ || WIN32 */
 #ifdef WIN32
-  char         tmppath[1024];          /* Windows temporary directory */
   DWORD                curtime;                /* Current time */
 #else
   struct timeval curtime;              /* Current time */
@@ -54,6 +57,27 @@ cupsTempFd(char *filename,           /* I - Pointer to buffer */
     GetTempPath(sizeof(tmppath), tmppath);
     tmpdir = tmppath;
   }
+
+#elif defined(__APPLE__)
+ /*
+  * On macOS and iOS, the TMPDIR environment variable is not always the best
+  * location to place temporary files due to sandboxing.  Instead, the confstr
+  * function should be called when running as a normal process (not a child of
+  * cupsd) to get the proper per-user, per-process TMPDIR value.  We know
+  * whether the process is running as a child of cupsd by the presence of the
+  * "SOFTWARE" environment variable that cupsd sets.
+  */
+
+  tmpdir = getenv("TMPDIR");
+
+  if (!getenv("SOFTWARE") || !tmpdir)
+  {
+    if (confstr(_CS_DARWIN_USER_TEMP_DIR, tmppath, sizeof(tmppath)))
+      tmpdir = tmppath;
+    else
+      tmpdir = "/private/tmp";         /* This should never happen */
+  }
+
 #else
  /*
   * Previously we put root temporary files in the default CUPS temporary
@@ -63,11 +87,7 @@ cupsTempFd(char *filename,           /* I - Pointer to buffer */
   */
 
   if ((tmpdir = getenv("TMPDIR")) == NULL)
-#  if defined(__APPLE__) && !TARGET_OS_IOS
-    tmpdir = "/private/tmp";           /* /tmp is a symlink to /private/tmp */
-#  else
     tmpdir = "/tmp";
-#  endif /* __APPLE__  && !TARGET_OS_IOS */
 #endif /* WIN32 */
 
  /*