From: Theodore Ts'o <tytso@mit.edu>
Date: Thu, 9 Jan 2014 20:18:44 +0000 (-0500)
Subject: Save and restore umask around calls to mkstemp()
X-Git-Tag: v1.42.10~117
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=253a96500a8fbe7266fe2daa066768cbaa1d3137;p=thirdparty%2Fe2fsprogs.git

Save and restore umask around calls to mkstemp()

The races would be hard to exploit, but let's close them off.

Addresses-Coverity-Id: #709504
Addresses-Coverity-Id: #709505
Addresses-Coverity-Id: #709506

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
---

diff --git a/e2fsck/dirinfo.c b/e2fsck/dirinfo.c
index dc08f90a6..dbaf4712b 100644
--- a/e2fsck/dirinfo.c
+++ b/e2fsck/dirinfo.c
@@ -42,6 +42,7 @@ static void setup_tdb(e2fsck_t ctx, ext2_ino_t num_dirs)
 	struct dir_info_db	*db = ctx->dir_info;
 	unsigned int		threshold;
 	errcode_t		retval;
+	mode_t			save_umask;
 	char			*tdb_dir, uuid[40];
 	int			fd, enable;
 
@@ -62,7 +63,9 @@ static void setup_tdb(e2fsck_t ctx, ext2_ino_t num_dirs)
 
 	uuid_unparse(ctx->fs->super->s_uuid, uuid);
 	sprintf(db->tdb_fn, "%s/%s-dirinfo-XXXXXX", tdb_dir, uuid);
+	save_umask = umask(077);
 	fd = mkstemp(db->tdb_fn);
+	umask(save_umask);
 	if (fd < 0) {
 		db->tdb = NULL;
 		return;
diff --git a/lib/blkid/save.c b/lib/blkid/save.c
index 6c20168b8..c55e0437e 100644
--- a/lib/blkid/save.c
+++ b/lib/blkid/save.c
@@ -94,8 +94,10 @@ int blkid_flush_cache(blkid_cache cache)
 	if (ret == 0 && S_ISREG(st.st_mode)) {
 		tmp = malloc(strlen(filename) + 8);
 		if (tmp) {
+			mode_t save_umask = umask(022);
 			sprintf(tmp, "%s-XXXXXX", filename);
 			fd = mkstemp(tmp);
+			umask(save_umask);
 			if (fd >= 0) {
 				file = fdopen(fd, "w");
 				opened = tmp;
diff --git a/lib/ext2fs/icount.c b/lib/ext2fs/icount.c
index 80085e1b2..a3b20f065 100644
--- a/lib/ext2fs/icount.c
+++ b/lib/ext2fs/icount.c
@@ -181,6 +181,7 @@ errcode_t ext2fs_create_icount_tdb(ext2_filsys fs, char *tdb_dir,
 	errcode_t	retval;
 	char 		*fn, uuid[40];
 	ext2_ino_t	num_inodes;
+	mode_t		save_umask;
 	int		fd;
 
 	retval = alloc_icount(fs, flags,  &icount);
@@ -193,11 +194,13 @@ errcode_t ext2fs_create_icount_tdb(ext2_filsys fs, char *tdb_dir,
 	uuid_unparse(fs->super->s_uuid, uuid);
 	sprintf(fn, "%s/%s-icount-XXXXXX", tdb_dir, uuid);
 	icount->tdb_fn = fn;
+	save_umask = umask(077);
 	fd = mkstemp(fn);
 	if (fd < 0) {
 		retval = errno;
 		goto errout;
 	}
+	umask(save_umask);
 	/*
 	 * This is an overestimate of the size that we will need; the
 	 * ideal value is the number of used inodes with a count