From da8c48102b5f8cd85dc31428a82bdd8cdae8eac0 Mon Sep 17 00:00:00 2001 From: millert Date: Sun, 15 Sep 1996 19:19:52 +0000 Subject: [PATCH] Be slightly safer opening temp files. --- usr.bin/patch/patch.c | 16 ++++++++++------ usr.bin/patch/pch.c | 10 ++++++---- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/usr.bin/patch/patch.c b/usr.bin/patch/patch.c index dfbe51cba76..afb9b7307a6 100644 --- a/usr.bin/patch/patch.c +++ b/usr.bin/patch/patch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: patch.c,v 1.4 1996/07/01 20:40:09 deraadt Exp $ */ +/* $OpenBSD: patch.c,v 1.5 1996/09/15 19:19:54 millert Exp $ */ /* patch - a program to apply diffs to original files * @@ -9,7 +9,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: patch.c,v 1.4 1996/07/01 20:40:09 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: patch.c,v 1.5 1996/09/15 19:19:54 millert Exp $"; #endif /* not lint */ #include "INTERN.h" @@ -784,8 +784,10 @@ void init_output(name) char *name; { - ofp = fopen(name, "w"); - if (ofp == Nullfp) + int ofd; + + if ((ofd = open(name, O_CREAT|O_EXCL|O_WRONLY, 0600)) < 0 || + (ofp = fdopen(ofd, "w")) == Nullfp) pfatal2("can't create %s", name); } @@ -795,8 +797,10 @@ void init_reject(name) char *name; { - rejfp = fopen(name, "w"); - if (rejfp == Nullfp) + int rejfd; + + if ((rejfd = open(name, O_CREAT|O_EXCL|O_WRONLY, 0600)) < 0 || + (rejfp = fdopen(rejfd, "w")) == Nullfp) pfatal2("can't create %s", name); } diff --git a/usr.bin/patch/pch.c b/usr.bin/patch/pch.c index 38225fa648a..33fbb2ec3aa 100644 --- a/usr.bin/patch/pch.c +++ b/usr.bin/patch/pch.c @@ -1,7 +1,7 @@ -/* $OpenBSD: pch.c,v 1.4 1996/07/01 20:40:10 deraadt Exp $ */ +/* $OpenBSD: pch.c,v 1.5 1996/09/15 19:19:52 millert Exp $ */ #ifndef lint -static char rcsid[] = "$OpenBSD: pch.c,v 1.4 1996/07/01 20:40:10 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: pch.c,v 1.5 1996/09/15 19:19:52 millert Exp $"; #endif /* not lint */ #include "EXTERN.h" @@ -55,8 +55,10 @@ open_patch_file(filename) char *filename; { if (filename == Nullch || !*filename || strEQ(filename, "-")) { - pfp = fopen(TMPPATNAME, "w"); - if (pfp == Nullfp) + int pfd; + + if ((pfd = open(TMPPATNAME, O_CREAT|O_EXCL|O_WRONLY, 0600)) < 0 || + (pfp = fdopen(pfd, "w")) == Nullfp) pfatal2("can't create %s", TMPPATNAME); while (fgets(buf, sizeof buf, stdin) != Nullch) fputs(buf, pfp); -- 2.20.1