libmount: make mkstemp() more robust [coverity scan]

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/libmount/src/utils.c b/libmount/src/utils.c
index adb7bd5cda44eca6eaf3e8bed25e3ff2aca440f8..9d294b59910861df076b05c0a7f377344cf365fe 100644 (file)
--- a/libmount/src/utils.c
+++ b/libmount/src/utils.c
@@ -810,6 +810,7 @@ int mnt_open_uniq_filename(const char *filename, char **name)
 {
        int rc, fd;
        char *n;
+       mode_t oldmode;
 
        assert(filename);
 
@@ -820,7 +821,14 @@ int mnt_open_uniq_filename(const char *filename, char **name)
        if (rc <= 0)
                return -errno;
 
+       /* This is for very old glibc and for compatibility with Posix where is
+        * nothing about mkstemp() mode. All sane glibc use secure mode (0600).
+        */
+       oldmode = umask(S_IRGRP|S_IWGRP|S_IXGRP
+                       S_IROTH|S_IWOTH|S_IXOTH)
        fd = mkstemp(n);
+       umask(oldmask);
+
        if (fd >= 0 && name)
                *name = n;
        else