perl mktemp race; fix mailed to larry

author deraadt <deraadt@openbsd.org>

Thu, 23 Jan 1997 04:31:36 +0000 (04:31 +0000)

committer deraadt <deraadt@openbsd.org>

Thu, 23 Jan 1997 04:31:36 +0000 (04:31 +0000)
author deraadt <deraadt@openbsd.org>
Thu, 23 Jan 1997 04:31:36 +0000 (04:31 +0000)
committer deraadt <deraadt@openbsd.org>
Thu, 23 Jan 1997 04:31:36 +0000 (04:31 +0000)
diff --git a/gnu/usr.bin/perl/perl.c b/gnu/usr.bin/perl/perl.c

index 6c7723a..a4be974 100644 (file)
--- a/gnu/usr.bin/perl/perl.c
+++ b/gnu/usr.bin/perl/perl.c
@@ -337,13 +337,17 @@ setuid perl scripts securely.\n");
             if (euid != uid || egid != gid)
                 croak("No -e allowed in setuid scripts");
             if (!e_fp) {
+               int fd;
+
                 e_tmpname = savepv(TMPPATH);
-               (void)mktemp(e_tmpname);
-               if (!*e_tmpname)
-                   croak("Can't mktemp()");
-               e_fp = fopen(e_tmpname,"w");
-               if (!e_fp)
+               fd = mkstemp(e_tmpname);
+               if (fd == -1)
+                   croak("Can't mkstemp()");
+               e_fp = fdopen(fd,"w");
+               if (!e_fp) {
+                   close(fd);
                     croak("Cannot open temporary file");
+               }
             }
             if (argv[1]) {
                 fputs(argv[1],e_fp);
author	deraadt <deraadt@openbsd.org>
	Thu, 23 Jan 1997 04:31:36 +0000 (04:31 +0000)
committer	deraadt <deraadt@openbsd.org>
	Thu, 23 Jan 1997 04:31:36 +0000 (04:31 +0000)