From: Karel Zak <kzak@redhat.com>
Date: Wed, 12 Dec 2012 12:32:52 +0000 (+0100)
Subject: libmount: make mkstemp() more robust [coverity scan]
X-Git-Tag: v2.23-rc1~428
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=6fc8122490aacbeee8cf6ad7ed37819549e987c4;p=thirdparty%2Futil-linux.git

libmount: make mkstemp() more robust [coverity scan]

Signed-off-by: Karel Zak <kzak@redhat.com>
---

diff --git a/libmount/src/utils.c b/libmount/src/utils.c
index d473bc4996..325e1e9db0 100644
--- a/libmount/src/utils.c
+++ b/libmount/src/utils.c
@@ -810,6 +810,7 @@ int mnt_open_uniq_filename(const char *filename, char **name)
 {
 	int rc, fd;
 	char *n;
+	mode_t oldmode;
 
 	if (!filename)
 		return -EINVAL;
@@ -820,7 +821,14 @@ int mnt_open_uniq_filename(const char *filename, char **name)
 	if (rc <= 0)
 		return -errno;
 
+	/* This is for very old glibc and for compatibility with Posix where is
+	 * nothing about mkstemp() mode. All sane glibc use secure mode (0600).
+	 */
+	oldmode = umask(S_IRGRP|S_IWGRP|S_IXGRP
+			S_IROTH|S_IWOTH|S_IXOTH)
 	fd = mkstemp(n);
+	umask(oldmask);
+
 	if (fd >= 0 && name)
 		*name = n;
 	else