diff options
author | Nandaja Varma <nvarma@redhat.com> | 2015-02-03 16:35:33 +0530 |
---|---|---|
committer | Niels de Vos <ndevos@redhat.com> | 2015-06-12 00:48:11 -0700 |
commit | 886f65fabc50c256a7de57fd05281a75bba3cac9 (patch) | |
tree | 9e10b3463433d17abba70b88e8b295f9e3afd9c0 /libglusterfs/src | |
parent | 04791e4d53650eb108890e9ad9a809768a06987b (diff) |
libglusterfs: Fixing insecure temp file coverity issue
Coverity CID: 1124835
Change-Id: I7e87f2b3bad35cf8a9c64c8502de23662d9f677f
BUG: 789278
Signed-off-by: Nandaja Varma <nvarma@redhat.com>
Reviewed-on: http://review.gluster.org/9565
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Sakshi Bansal
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Diffstat (limited to 'libglusterfs/src')
-rw-r--r-- | libglusterfs/src/graph.c | 30 | ||||
-rw-r--r-- | libglusterfs/src/statedump.c | 2 |
2 files changed, 30 insertions, 2 deletions
diff --git a/libglusterfs/src/graph.c b/libglusterfs/src/graph.c index e3a864bf111..61f72130af3 100644 --- a/libglusterfs/src/graph.c +++ b/libglusterfs/src/graph.c @@ -12,7 +12,9 @@ #include <dlfcn.h> #include <netdb.h> #include <fnmatch.h> +#include <stdlib.h> #include "defaults.h" +#include <unistd.h> #if 0 @@ -780,9 +782,15 @@ glusterfs_volfile_reconfigure (int oldvollen, FILE *newvolfile_fp, glusterfs_graph_t *oldvolfile_graph = NULL; glusterfs_graph_t *newvolfile_graph = NULL; FILE *oldvolfile_fp = NULL; + /*Since the function mkstemp() replaces XXXXXX, + * assigning it to a variable + */ + char temp_file[] = "/tmp/temp_vol_file_XXXXXX"; gf_boolean_t active_graph_found = _gf_true; int ret = -1; + int u_ret = -1; + int file_desc = -1; if (!oldvollen) { ret = 1; // Has to call INIT for the whole graph @@ -801,14 +809,32 @@ glusterfs_volfile_reconfigure (int oldvollen, FILE *newvolfile_fp, gf_log ("glusterfsd-mgmt", GF_LOG_ERROR, "glusterfs_ctx->active is NULL"); - oldvolfile_fp = tmpfile (); - if (!oldvolfile_fp) { + file_desc = mkstemp(temp_file); + if (file_desc < 0) { gf_log ("glusterfsd-mgmt", GF_LOG_ERROR, "Unable to " "create temporary volfile: (%s)", strerror (errno)); goto out; } + /*Calling unlink so that when the file is closed or program + *terminates the tempfile is deleted. + */ + u_ret = unlink(temp_file); + + if (u_ret < 0) { + gf_log ("glusterfsd-mgmt", GF_LOG_ERROR, + "Temporary file delete failed. Reason: %s", + strerror (errno)); + close (file_desc); + goto out; + } + + + oldvolfile_fp = fdopen (file_desc, "w+b"); + if (!oldvolfile_fp) + goto out; + fwrite (oldvolfile, oldvollen, 1, oldvolfile_fp); fflush (oldvolfile_fp); if (ferror (oldvolfile_fp)) { diff --git a/libglusterfs/src/statedump.c b/libglusterfs/src/statedump.c index 3eebd2106f9..fc66421be2f 100644 --- a/libglusterfs/src/statedump.c +++ b/libglusterfs/src/statedump.c @@ -60,7 +60,9 @@ gf_proc_dump_open (char *tmpname) { int dump_fd = -1; + mode_t mask = umask(S_IRWXG | S_IRWXO); dump_fd = mkstemp (tmpname); + umask(mask); if (dump_fd < 0) return -1; |