From 23e11d2dc36847f28876757de76eaaf0395a0ffc Mon Sep 17 00:00:00 2001 From: deraadt Date: Tue, 24 Dec 1996 20:04:14 +0000 Subject: [PATCH] indicate this mktemp is vulnerable to a DOS attack, however the impact is very low --- bin/df/df.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/bin/df/df.c b/bin/df/df.c index 14ef2cf10c7..307fe8df0ec 100644 --- a/bin/df/df.c +++ b/bin/df/df.c @@ -1,4 +1,4 @@ -/* $OpenBSD: df.c,v 1.6 1996/12/14 12:17:52 mickey Exp $ */ +/* $OpenBSD: df.c,v 1.7 1996/12/24 20:04:14 deraadt Exp $ */ /* $NetBSD: df.c,v 1.21.2.1 1995/11/01 00:06:11 jtc Exp $ */ /* @@ -49,7 +49,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)df.c 8.7 (Berkeley) 4/2/94"; #else -static char rcsid[] = "$OpenBSD: df.c,v 1.6 1996/12/14 12:17:52 mickey Exp $"; +static char rcsid[] = "$OpenBSD: df.c,v 1.7 1996/12/24 20:04:14 deraadt Exp $"; #endif #endif /* not lint */ @@ -135,6 +135,7 @@ main(argc, argv) continue; } else if (S_ISBLK(stbuf.st_mode)) { if ((mntpt = getmntpt(*argv)) == 0) { + /* XXX can be DOS'd, not very important */ mntpt = mktemp(strdup("/tmp/df.XXXXXX")); mdev.fspec = *argv; if (mkdir(mntpt, DEFFILEMODE) != 0) { -- 2.20.1