Gitweb: http://git.fedorahosted.org/git/?p=cluster.git;a=commitdiff;h=a40dd4574da788... Commit: a40dd4574da7881ff980498f834f27aded844454 Parent: 1177eedd0f1681cf3e6cc0271bcb8d65c7f75b52 Author: Andrew Price anprice@redhat.com AuthorDate: Fri Aug 16 10:37:40 2013 +0100 Committer: Andrew Price anprice@redhat.com CommitterDate: Thu Aug 29 11:21:07 2013 +0100
libgfs2: Set umask before calling mkstemp
Coverity highlighted a case where mkstemp() was being called without the umask being set. This sets the umask to create the file with 0600 permissions and then restores it after mkstemp() is called.
rhbz#1001504
Signed-off-by: Andrew Price anprice@redhat.com --- gfs2/libgfs2/misc.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/gfs2/libgfs2/misc.c b/gfs2/libgfs2/misc.c index 6807f60..3989bf1 100644 --- a/gfs2/libgfs2/misc.c +++ b/gfs2/libgfs2/misc.c @@ -219,13 +219,16 @@ static void remove_mtab_entry(struct gfs2_sbd *sdp) struct mntent *mountent; char mtab_tmpfn[PATH_MAX]; int error, fd; + mode_t mask;
mtab = setmntent("/etc/mtab", "rt"); if (mtab == NULL) die("Couldn't open /etc/mtab for writing: %s\n", strerror(errno)); strcpy(mtab_tmpfn, "/etc/mtab.XXXXXX"); + mask = umask(S_IXUSR | S_IRWXG | S_IRWXO); fd = mkstemp(mtab_tmpfn); + umask(mask); if (fd < 0) die("Couldn't open temporary mtab file for writing: %s\n", strerror(errno));
cluster-commits@lists.fedorahosted.org