From 8dc8108016f3a8b25734b5da8c4a5776f3a2eae3 Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Thu, 23 Jan 1997 04:31:37 +0000 Subject: perl mktemp race; fix mailed to larry --- gnu/usr.bin/perl/perl.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'gnu/usr.bin/perl') diff --git a/gnu/usr.bin/perl/perl.c b/gnu/usr.bin/perl/perl.c index 6c7723ace38..a4be9745685 100644 --- a/gnu/usr.bin/perl/perl.c +++ b/gnu/usr.bin/perl/perl.c @@ -337,13 +337,17 @@ setuid perl scripts securely.\n"); if (euid != uid || egid != gid) croak("No -e allowed in setuid scripts"); if (!e_fp) { + int fd; + e_tmpname = savepv(TMPPATH); - (void)mktemp(e_tmpname); - if (!*e_tmpname) - croak("Can't mktemp()"); - e_fp = fopen(e_tmpname,"w"); - if (!e_fp) + fd = mkstemp(e_tmpname); + if (fd == -1) + croak("Can't mkstemp()"); + e_fp = fdopen(fd,"w"); + if (!e_fp) { + close(fd); croak("Cannot open temporary file"); + } } if (argv[1]) { fputs(argv[1],e_fp); -- cgit v1.2.3