src/rrd_create.c: fix Coverity CID#32425 Insecure temporary file

author Marek Schimara <Marek.Schimara@bull.net>

Wed, 15 Jun 2016 07:25:45 +0000 (09:25 +0200)

committer Marek Schimara <Marek.Schimara@bull.net>

Thu, 23 Jun 2016 14:32:32 +0000 (16:32 +0200)
author Marek Schimara <Marek.Schimara@bull.net>
Wed, 15 Jun 2016 07:25:45 +0000 (09:25 +0200)
committer Marek Schimara <Marek.Schimara@bull.net>
Thu, 23 Jun 2016 14:32:32 +0000 (16:32 +0200)
diff --git a/src/rrd_create.c b/src/rrd_create.c

index ac5c8ff4f5a2cf97dad9c9561e2b5a36166fd395..9adc0f042d2f4d63802a820de61066c2757a65a5 100644 (file)
--- a/src/rrd_create.c
+++ b/src/rrd_create.c
@@ -1313,6 +1313,7 @@ done:
  int write_rrd(const char *outfilename, rrd_t *out) {
      int rc = -1;
      char *tmpfilename = NULL;
+    mode_t saved_umask;
  
      /* write out the new file */
  #ifdef HAVE_LIBRADOS
@@ -1337,7 +1338,10 @@ int write_rrd(const char *outfilename, rrd_t *out) {
         strcpy(tmpfilename, outfilename);
         strcat(tmpfilename, "XXXXXX");
         
+       /* fix CWE-377 */
+       saved_umask = umask(S_IRUSR|S_IWUSR);
         int tmpfd = mkstemp(tmpfilename);
+       umask(saved_umask);
         if (tmpfd < 0) {
             rrd_set_error("Cannot create temporary file");
             goto done;
author	Marek Schimara <Marek.Schimara@bull.net>
	Wed, 15 Jun 2016 07:25:45 +0000 (09:25 +0200)
committer	Marek Schimara <Marek.Schimara@bull.net>
	Thu, 23 Jun 2016 14:32:32 +0000 (16:32 +0200)