diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-06-25 22:43:27 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-06-25 22:43:27 +0000 |
commit | 0e1dfa183145680a78c7ce01bfae7c09df055209 (patch) | |
tree | b6ea7900920eb2aaf38c3bfddbb478303d5485e0 | |
parent | dbccedb222a0d39588ccba593a1846b985fb3fc8 (diff) |
open O_EXCL instead of creat; for writable rdist directories... still small DOS
-rw-r--r-- | usr.bin/rdistd/message.c | 10 | ||||
-rw-r--r-- | usr.bin/rdistd/server.c | 6 |
2 files changed, 10 insertions, 6 deletions
diff --git a/usr.bin/rdistd/message.c b/usr.bin/rdistd/message.c index 488096513bd..284eb8e79e0 100644 --- a/usr.bin/rdistd/message.c +++ b/usr.bin/rdistd/message.c @@ -33,7 +33,7 @@ #ifndef lint static char RCSid[] = -"$Id: message.c,v 1.2 1996/03/05 03:16:18 dm Exp $"; +"$Id: message.c,v 1.3 1996/06/25 22:43:25 deraadt Exp $"; static char sccsid[] = "@(#)common.c"; @@ -454,6 +454,7 @@ static void msgsendnotify(msgfac, mtype, flags, msgbuf) if (!msgfac->mf_fptr) { register char *cp; char *getenv(); + int fd; /* * Create and open a new temporary file @@ -465,10 +466,13 @@ static void msgsendnotify(msgfac, mtype, flags, msgbuf) (void) sprintf(tempfile, "%s/%s", cp, _RDIST_TMP); msgfac->mf_filename = tempfile; - (void) mktemp(msgfac->mf_filename); - if ((msgfac->mf_fptr = fopen(msgfac->mf_filename, "w"))==NULL) + if ((fd = mkstemp(msgfac->mf_filename)) == -1 || + (msgfac->mf_fptr = fdopen(fd, "w")) == NULL) { + if (fd != -1) + close(fd); fatalerr("Cannot open notify file for writing: %s: %s.", msgfac->mf_filename, SYSERR); + } debugmsg(DM_MISC, "Created notify temp file '%s'", msgfac->mf_filename); } diff --git a/usr.bin/rdistd/server.c b/usr.bin/rdistd/server.c index 107e78e9f76..42a9f85cb39 100644 --- a/usr.bin/rdistd/server.c +++ b/usr.bin/rdistd/server.c @@ -32,7 +32,7 @@ */ #ifndef lint static char RCSid[] = -"$Id: server.c,v 1.2 1996/03/05 03:16:21 dm Exp $"; +"$Id: server.c,v 1.3 1996/06/25 22:43:26 deraadt Exp $"; static char sccsid[] = "@(#)server.c 5.3 (Berkeley) 6/7/86"; @@ -752,9 +752,9 @@ static void recvfile(new, opts, mode, owner, group, mtime, atime, size) /* * Create temporary file */ - if ((f = creat(new, mode)) < 0) { + if ((f = open(new, O_CREAT|O_EXCL|O_WRONLY, mode)) < 0) { if (errno != ENOENT || chkparent(new, opts) < 0 || - (f = creat(new, mode)) < 0) { + (f = open(new, O_CREAT|O_EXCL|O_WRONLY, mode)) < 0) { error("%s: create failed: %s", new, SYSERR); (void) unlink(new); return; |