From: Cristian Rodríguez <crrodriguez@opensuse.org>
Date: Mon, 27 Jul 2020 14:11:33 +0000 (-0400)
Subject: use O_TMPFILE if it works/is supported in __archive_mktemp
X-Git-Tag: v3.5.0~17^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b6bb4e0e62facb1f787e2e269182a5ce5b5cfdf9;p=thirdparty%2Flibarchive.git

use O_TMPFILE if it works/is supported in __archive_mktemp

This makes the function safer on linux since the file is warrantied to never
be visible on the filesystem, cannot be linked anywhere unless O_EXCL is
not specified and it is lost forever on any kind of program termination.
---

diff --git a/libarchive/archive_util.c b/libarchive/archive_util.c
index c76ecc5b0..b1582edbe 100644
--- a/libarchive/archive_util.c
+++ b/libarchive/archive_util.c
@@ -433,6 +433,11 @@ __archive_mktemp(const char *tmpdir)
 		if (temp_name.s[temp_name.length-1] != '/')
 			archive_strappend_char(&temp_name, '/');
 	}
+#ifdef O_TMPFILE
+	fd = open(temp_name.s, O_RDWR|O_CLOEXEC|O_TMPFILE|O_EXCL, 0600); 
+	if(fd >= 0)
+		goto exit_tmpfile;
+#endif
 	archive_strcat(&temp_name, "libarchive_XXXXXX");
 	fd = mkstemp(temp_name.s);
 	if (fd < 0)