From: Mike Frysinger <vapier@gentoo.org>
Date: Thu, 20 Aug 2015 11:12:59 +0000 (-0400)
Subject: libiptc: fix fortify errors in debug code
X-Git-Tag: v1.6.0~10
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6028d4aa2df564f4f50cbaab96e5fdaa83996933;p=thirdparty%2Fiptables.git

libiptc: fix fortify errors in debug code

When using open(O_CREAT), you must supply the mode bits, otherwise the
func will pull random garbage off the stack.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index f0f78155..9c07bb40 100644
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -1357,7 +1357,7 @@ retry:
 #ifdef IPTC_DEBUG2
 	{
 		int fd = open("/tmp/libiptc-so_get_entries.blob",
-				O_CREAT|O_WRONLY);
+				O_CREAT|O_WRONLY, 0644);
 		if (fd >= 0) {
 			write(fd, h->entries, tmp);
 			close(fd);
@@ -2588,7 +2588,7 @@ TC_COMMIT(struct xtc_handle *handle)
 #ifdef IPTC_DEBUG2
 	{
 		int fd = open("/tmp/libiptc-so_set_replace.blob",
-				O_CREAT|O_WRONLY);
+				O_CREAT|O_WRONLY, 0644);
 		if (fd >= 0) {
 			write(fd, repl, sizeof(*repl) + repl->size);
 			close(fd);
@@ -2664,7 +2664,7 @@ TC_COMMIT(struct xtc_handle *handle)
 #ifdef IPTC_DEBUG2
 	{
 		int fd = open("/tmp/libiptc-so_set_add_counters.blob",
-				O_CREAT|O_WRONLY);
+				O_CREAT|O_WRONLY, 0644);
 		if (fd >= 0) {
 			write(fd, newcounters, counterlen);
 			close(fd);