diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-26 00:17:29 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-26 00:17:29 +0000 |
| commit | 1ac73728e4fb9188de899a35eb12fe3adad86b1d (patch) | |
| tree | 214153b9363774b96c668b1dc2cfb1b9c7307b3b /lib/libpthread/stdio | |
| parent | 05a1c82cea94423f31eeffcde116ad3b225de98e (diff) | |
use issetugid() to protect against bad getenv
Diffstat (limited to 'lib/libpthread/stdio')
| -rw-r--r-- | lib/libpthread/stdio/tempnam.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libpthread/stdio/tempnam.c b/lib/libpthread/stdio/tempnam.c index 95ecfeb3a5a..e9c7e742472 100644 --- a/lib/libpthread/stdio/tempnam.c +++ b/lib/libpthread/stdio/tempnam.c @@ -33,7 +33,7 @@ #if defined(LIBC_SCCS) && !defined(lint) /*static char *sccsid = "from: @(#)tempnam.c 5.1 (Berkeley) 2/22/91";*/ -static char *rcsid = "$Id: tempnam.c,v 1.1 1995/10/18 08:43:09 deraadt Exp $"; +static char *rcsid = "$Id: tempnam.c,v 1.2 1996/08/26 00:17:28 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/param.h> @@ -56,7 +56,7 @@ tempnam(dir, pfx) if (!pfx) pfx = "tmp."; - if (f = getenv("TMPDIR")) { + if (issetugid() == 0 && f = getenv("TMPDIR")) { (void)snprintf(name, MAXPATHLEN, "%s%s%sXXXXXX", f, *(f + strlen(f) - 1) == '/'? "": "/", pfx); if (f = mktemp(name)) |