text: safer temporary file creation

Set umask before calling mkstemp. According to POSIX 2008 this is not necessary since the temporary file is guaranteed to be created with permission restricted to the current user. However this is more secure on non-conforming systems and safe as long as we do not use multiple threads. Fixes Coverity CID 101333.
author: Marc André Tanner <mat@brain-dump.org> 2015-07-07 10:08:11 +0200
committer: Marc André Tanner <mat@brain-dump.org> 2015-07-07 10:15:43 +0200
commit: 2a39201f65c97cf666c562c281defd8b8e2f8937 (patch)
tree: 272aa4bb940a1ebb34f2662ae94634f31d3c05cf
parent: 5f9343595941f2103afad7eed66d4da2788de090 (diff)
download: vis-2a39201f65c97cf666c562c281defd8b8e2f8937.tar.gz
vis-2a39201f65c97cf666c562c281defd8b8e2f8937.tar.xz
1 files changed, 4 insertions, 1 deletions
diff --git a/text.c b/text.c
index f47ccbc..a77bc07 100644
--- a/text.c
+++ b/text.c
@@ -919,7 +919,10 @@ bool text_range_save(Text *txt, Filerange *range, const char *filename) {
 		 */
 		size_t size = txt->buf->size;
 		char tmpname[32] = "/tmp/vis-XXXXXX";
-		if ((newfd = mkstemp(tmpname)) == -1)
+		mode_t mask = umask(S_IXUSR | S_IRWXG | S_IRWXO);
+		newfd = mkstemp(tmpname);
+		umask(mask);
+		if (newfd == -1)
 			goto err;
 		if (unlink(tmpname) == -1)
 			goto err;
author	Marc André Tanner <mat@brain-dump.org>	2015-07-07 10:08:11 +0200
committer	Marc André Tanner <mat@brain-dump.org>	2015-07-07 10:15:43 +0200
commit	2a39201f65c97cf666c562c281defd8b8e2f8937 (patch)
tree	272aa4bb940a1ebb34f2662ae94634f31d3c05cf
parent	5f9343595941f2103afad7eed66d4da2788de090 (diff)
download	vis-2a39201f65c97cf666c562c281defd8b8e2f8937.tar.gz vis-2a39201f65c97cf666c562c281defd8b8e2f8937.tar.xz