author | erik <erik> | 2007-01-26 21:43:58 (UTC) |
---|---|---|
committer | erik <erik> | 2007-01-26 21:43:58 (UTC) |
commit | 3cd37427b5c5f26f62cff583fbde914467ddafe3 (patch) (unidiff) | |
tree | 664a2c1cf2198b69f94e9aa683133a3d92c98511 /noncore | |
parent | f77da1ae08512b02a3c50a124f823ed77e53dd64 (diff) | |
download | opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.zip opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.tar.gz opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.tar.bz2 |
Both files in this commit exhibit the wrong way to use temporary files.
For TEHistory.cpp, it uses tmpfile() which produces a file which has a
name that can be guessed.
For vmemo.cpp, it uses tmpname() which only creates a predictable string.
Both uses have been switched to using mkstemp() wrapped around umask(). This
produces a much less predictable file that also has guaranteed restrictive
permissions.
I went a little farther in vmemo because it calls out to the shell using
system to 'mv' the new file. That is kinda wasteful so I switched it to use
rename instead.
-rw-r--r-- | noncore/apps/opie-console/TEHistory.cpp | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/noncore/apps/opie-console/TEHistory.cpp b/noncore/apps/opie-console/TEHistory.cpp index 317ce57..e2be42a 100644 --- a/noncore/apps/opie-console/TEHistory.cpp +++ b/noncore/apps/opie-console/TEHistory.cpp | |||
@@ -21,6 +21,7 @@ | |||
21 | #include <assert.h> | 21 | #include <assert.h> |
22 | #include <stdio.h> | 22 | #include <stdio.h> |
23 | #include <sys/types.h> | 23 | #include <sys/types.h> |
24 | #include <sys/stat.h> | ||
24 | #include <unistd.h> | 25 | #include <unistd.h> |
25 | #include <errno.h> | 26 | #include <errno.h> |
26 | 27 | ||
@@ -96,9 +97,29 @@ void HistoryBuffer::setScroll(bool on) | |||
96 | { | 97 | { |
97 | assert( ion < 0 ); | 98 | assert( ion < 0 ); |
98 | assert( length == 0); | 99 | assert( length == 0); |
99 | FILE* tmp = tmpfile(); if (!tmp) { perror("konsole: cannot open temp file.\n"); return; } | 100 | char* tmpDir = getenv("TMPDIR"); |
100 | ion = dup(fileno(tmp)); if (ion<0) perror("konsole: cannot dup temp file.\n"); | 101 | char* tmpFilePath = 0; |
101 | fclose(tmp); | 102 | if (tmpDir && *tmpDir != '\0') { |
103 | tmpFilePath = new char[strlen(tmpDir) + strlen("/opie-console-HistoryBuffer-XXXXXX") + 1]; | ||
104 | strcpy(tmpFilePath, tmpDir); | ||
105 | free(tmpDir); | ||
106 | } else { | ||
107 | tmpFilePath = new char[strlen("/tmp/opie-console-HistoryBuffer-XXXXXX") + 1]; | ||
108 | strcpy(tmpFilePath, "/tmp"); | ||
109 | } | ||
110 | strcat(tmpFilePath, "/opie-console-HistoryBuffer-XXXXXX"); | ||
111 | mode_t currUmask = umask(S_IRWXO | S_IRWXG); | ||
112 | int tmpfd = mkstemp(tmpFilePath); | ||
113 | delete [] tmpFilePath; | ||
114 | umask(currUmask); | ||
115 | if (tmpfd == -1) { | ||
116 | perror("konsole: cannot open temp file.\n"); | ||
117 | return; | ||
118 | } | ||
119 | ion = dup(tmpfd); | ||
120 | if (ion<0) | ||
121 | perror("konsole: cannot dup temp file.\n"); | ||
122 | close(tmpfd); | ||
102 | } | 123 | } |
103 | else | 124 | else |
104 | { | 125 | { |