Skip to content
Snippets Groups Projects
Commit 9e61422c authored by Axel Naumann's avatar Axel Naumann
Browse files

Set restrictive umask() before call to mkstemp() (Coverity). 

Ignore a Coverity report on tmpfile().


git-svn-id: http://root.cern.ch/svn/root/trunk@36294 27541ba8-7e3a-0410-8455-c3a389f83636
parent af0dd9bf
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
cint/cint/src/loadfile.cxx
+ 3
0
View file @ 9e61422c
...@@ -2855,7 +2855,9 @@ char* G__tmpnam(char *name) ...@@ -2855,7 +2855,9 @@ char* G__tmpnam(char *name)
if (name==0) name = tempname; if (name==0) name = tempname;
G__strlcpy(name, tmpdir, G__MAXFILENAME); G__strlcpy(name, tmpdir, G__MAXFILENAME);
G__strlcat(name,"/XXXXXX", G__MAXFILENAME); G__strlcat(name,"/XXXXXX", G__MAXFILENAME);
mode_t old_umask = umask(077); // be restrictive for mkstemp()
int temp_fileno = mkstemp(name);/*mkstemp not only generate file name but also opens the file*/ int temp_fileno = mkstemp(name);/*mkstemp not only generate file name but also opens the file*/
umask(old_umask);
if (temp_fileno >= 0) { if (temp_fileno >= 0) {
close(temp_fileno); close(temp_fileno);
} }
...@@ -2885,6 +2887,7 @@ static int G__istmpnam=0; ...@@ -2885,6 +2887,7 @@ static int G__istmpnam=0;
void G__openmfp() void G__openmfp()
{ {
#ifndef G__TMPFILE #ifndef G__TMPFILE
// Coverity[secure_temp]: we don't care about predictable names.
G__mfp=tmpfile(); G__mfp=tmpfile();
if(!G__mfp) { if(!G__mfp) {
do { do {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment