diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-01-23 04:31:37 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-01-23 04:31:37 +0000 |
| commit | 8dc8108016f3a8b25734b5da8c4a5776f3a2eae3 (patch) | |
| tree | de61d61cc80cdae24090407f3127b325f550102f | |
| parent | ed89f2c422385e7460ec3b91f46ea3e4c5edd687 (diff) | |
perl mktemp race; fix mailed to larry
| -rw-r--r-- | gnu/usr.bin/perl/perl.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/gnu/usr.bin/perl/perl.c b/gnu/usr.bin/perl/perl.c index 6c7723ace38..a4be9745685 100644 --- a/gnu/usr.bin/perl/perl.c +++ b/gnu/usr.bin/perl/perl.c @@ -337,13 +337,17 @@ setuid perl scripts securely.\n"); if (euid != uid || egid != gid) croak("No -e allowed in setuid scripts"); if (!e_fp) { + int fd; + e_tmpname = savepv(TMPPATH); - (void)mktemp(e_tmpname); - if (!*e_tmpname) - croak("Can't mktemp()"); - e_fp = fopen(e_tmpname,"w"); - if (!e_fp) + fd = mkstemp(e_tmpname); + if (fd == -1) + croak("Can't mkstemp()"); + e_fp = fdopen(fd,"w"); + if (!e_fp) { + close(fd); croak("Cannot open temporary file"); + } } if (argv[1]) { fputs(argv[1],e_fp); |