mirrors
/
mc
mirror of https://github.com/MidnightCommander/mc
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

O_EXCL added to prevent symlink attack in vfs.c (ChangeLog commited earlier)

This commit is contained in:
Pavel Machek 1998-10-16 15:30:51 +00:00
parent c4dfdf5cee
commit dd9ceddfc2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
vfs/vfs.c
View File

@ -1035,12 +1035,12 @@ mc_def_getlocalcopy (vfs *vfs, char *filename)
if (fdin == -1)
return NULL;
tmp = tempnam (NULL, "mclocalcopy");
fdout = creat (tmp, 0600); /* FIXME: What about symlink attack ? */
fdout = open (tmp, O_CREAT|O_WRONLY|O_TRUNC|O_EXCL, 0600);
if (fdout == -1){
mc_close (fdin);
free (tmp);
return NULL;
}
tmp = strdup (tmp);
while ((i = mc_read (fdin, buffer, sizeof (buffer))) == sizeof (buffer)){
write (fdout, buffer, i);
}