glusterd: coverity fix for insecure temporary file

Set umask before creating temporary file Change-Id: Ia39af63b05ce68f3f3af6585b70d4129a5530269 BUG: 789278 Signed-off-by: Sakshi <sabansal@redhat.com> Reviewed-on: http://review.gluster.org/9558 Smoke: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
author: Sakshi <sabansal@redhat.com> 2015-04-15 15:30:51 +0530
committer: Jeff Darcy <jdarcy@redhat.com> 2016-04-12 05:07:24 -0700
commit: 9395b30964ede412ff48e744360b02920daa3a17 (patch)
tree: 8bd2c94a6296ccea1e64e150bd3a3673d316716c
parent: c6d1b9797dd2850cd0b8be7f17a41db525cbe93d (diff)
2 files changed, 6 insertions, 0 deletions
diff --git a/xlators/mgmt/glusterd/src/glusterd-mountbroker.c b/xlators/mgmt/glusterd/src/glusterd-mountbroker.c
index 3125612d2cf..7c069ced984 100644
--- a/xlators/mgmt/glusterd/src/glusterd-mountbroker.c
+++ b/xlators/mgmt/glusterd/src/glusterd-mountbroker.c
@@ -525,6 +525,7 @@ glusterd_do_mount (char *label, dict_t *argdict, char **path, int *op_errno)
         runner_t runner            = {0,};
         int ret                    = 0;
         xlator_t *this             = THIS;
+        mode_t orig_umask          = 0;
 
         priv = this->private;
         GF_ASSERT (priv);
@@ -624,7 +625,9 @@ glusterd_do_mount (char *label, dict_t *argdict, char **path, int *op_errno)
                 *op_errno = ENOMEM;
                 goto out;
         }
+        orig_umask = umask(S_IRWXG | S_IRWXO);
         ret = mkstemp (cookie);
+        umask(orig_umask);
         if (ret == -1) {
                 *op_errno = errno;
                 goto out;
diff --git a/xlators/mgmt/glusterd/src/glusterd-utils.c b/xlators/mgmt/glusterd/src/glusterd-utils.c
index 2aa6a06a4ef..66054794fd7 100644
--- a/xlators/mgmt/glusterd/src/glusterd-utils.c
+++ b/xlators/mgmt/glusterd/src/glusterd-utils.c
@@ -2086,6 +2086,7 @@ glusterd_volume_compute_cksum (glusterd_volinfo_t  *volinfo, char *cksum_path,
         gf_boolean_t            unlink_sortfile         = _gf_false;
         glusterd_conf_t        *priv                    = NULL;
         xlator_t               *this                    = NULL;
+        mode_t                  orig_umask              = 0;
 
         GF_ASSERT (volinfo);
         this = THIS;
@@ -2106,7 +2107,9 @@ glusterd_volume_compute_cksum (glusterd_volinfo_t  *volinfo, char *cksum_path,
                 snprintf (sort_filepath, sizeof (sort_filepath),
                           "/tmp/%s.XXXXXX", volinfo->volname);
 
+                orig_umask = umask(S_IRWXG | S_IRWXO);
                 sort_fd = mkstemp (sort_filepath);
+                umask(orig_umask);
                 if (sort_fd < 0) {
                         gf_msg (this->name, GF_LOG_ERROR, errno,
                                 GD_MSG_FILE_OP_FAILED, "Could not generate "
author	Sakshi <sabansal@redhat.com>	2015-04-15 15:30:51 +0530
committer	Jeff Darcy <jdarcy@redhat.com>	2016-04-12 05:07:24 -0700
commit	9395b30964ede412ff48e744360b02920daa3a17 (patch)
tree	8bd2c94a6296ccea1e64e150bd3a3673d316716c
parent	c6d1b9797dd2850cd0b8be7f17a41db525cbe93d (diff)