diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-26 00:17:29 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-26 00:17:29 +0000 |
| commit | 1ac73728e4fb9188de899a35eb12fe3adad86b1d (patch) | |
| tree | 214153b9363774b96c668b1dc2cfb1b9c7307b3b /lib/libc/db | |
| parent | 05a1c82cea94423f31eeffcde116ad3b225de98e (diff) | |
use issetugid() to protect against bad getenv
Diffstat (limited to 'lib/libc/db')
| -rw-r--r-- | lib/libc/db/btree/bt_open.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/libc/db/btree/bt_open.c b/lib/libc/db/btree/bt_open.c index 5cf95665d9b..fecc36c4000 100644 --- a/lib/libc/db/btree/bt_open.c +++ b/lib/libc/db/btree/bt_open.c @@ -35,7 +35,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$OpenBSD: bt_open.c,v 1.3 1996/08/19 08:20:07 tholo Exp $"; +static char rcsid[] = "$OpenBSD: bt_open.c,v 1.4 1996/08/26 00:17:14 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ /* @@ -388,10 +388,11 @@ tmp() { sigset_t set, oset; int fd; - char *envtmp; + char *envtmp = NULL; char path[MAXPATHLEN]; - envtmp = getenv("TMPDIR"); + if (issetugid() == 0) + envtmp = getenv("TMPDIR"); (void)snprintf(path, sizeof(path), "%s/bt.XXXXXX", envtmp ? envtmp : "/tmp"); |