Browse code
use strict permissions (0600) for temporary files created in cli_gentempstream() (bb#517)
| ... | ... |
@@ -1,3 +1,9 @@ |
| 1 |
+Tue May 29 21:21:09 CEST 2007 (tk) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * libclamav/others.c: use strict permissions (0600) for temporary files |
|
| 4 |
+ created in cli_gentempstream() (bb#517) |
|
| 5 |
+ Reported by Christoph Probst |
|
| 6 |
+ |
|
| 1 | 7 |
Tue May 29 17:42:12 CEST 2007 (tk) |
| 2 | 8 |
---------------------------------- |
| 3 | 9 |
* libclamav/ole2_extract.c: detect block list loop (bb#466), patch from Trog |
| ... | ... |
@@ -551,16 +551,22 @@ char *cli_gentempdesc(const char *dir, int *fd) |
| 551 | 551 |
char *cli_gentempstream(const char *dir, FILE **fs) |
| 552 | 552 |
{
|
| 553 | 553 |
char *name; |
| 554 |
+ mode_t omask; |
|
| 555 |
+ |
|
| 554 | 556 |
|
| 555 | 557 |
name = cli_gentempname(dir); |
| 558 |
+ if(!name) |
|
| 559 |
+ return NULL; |
|
| 556 | 560 |
|
| 557 |
- if(name && ((*fs = fopen(name, "wb+")) == NULL)) {
|
|
| 561 |
+ omask = umask(077); |
|
| 562 |
+ if((*fs = fopen(name, "wb+")) == NULL) {
|
|
| 558 | 563 |
cli_dbgmsg("cli_gentempstream(): can't create temp file: %s\n", name);
|
| 559 | 564 |
free(name); |
| 560 | 565 |
name = NULL; |
| 561 | 566 |
} |
| 567 |
+ umask(omask); |
|
| 562 | 568 |
|
| 563 |
- return(name); |
|
| 569 |
+ return name; |
|
| 564 | 570 |
} |
| 565 | 571 |
|
| 566 | 572 |
#ifdef C_WINDOWS |