summaryrefslogtreecommitdiffstats
path: root/libglusterfs/src
diff options
context:
space:
mode:
authorNandaja Varma <nvarma@redhat.com>2015-02-03 16:35:33 +0530
committerNiels de Vos <ndevos@redhat.com>2015-06-12 00:48:11 -0700
commit886f65fabc50c256a7de57fd05281a75bba3cac9 (patch)
tree9e10b3463433d17abba70b88e8b295f9e3afd9c0 /libglusterfs/src
parent04791e4d53650eb108890e9ad9a809768a06987b (diff)
libglusterfs: Fixing insecure temp file coverity issue
Coverity CID: 1124835 Change-Id: I7e87f2b3bad35cf8a9c64c8502de23662d9f677f BUG: 789278 Signed-off-by: Nandaja Varma <nvarma@redhat.com> Reviewed-on: http://review.gluster.org/9565 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Sakshi Bansal Tested-by: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Prashanth Pai <ppai@redhat.com>
Diffstat (limited to 'libglusterfs/src')
-rw-r--r--libglusterfs/src/graph.c30
-rw-r--r--libglusterfs/src/statedump.c2
2 files changed, 30 insertions, 2 deletions
diff --git a/libglusterfs/src/graph.c b/libglusterfs/src/graph.c
index e3a864bf111..61f72130af3 100644
--- a/libglusterfs/src/graph.c
+++ b/libglusterfs/src/graph.c
@@ -12,7 +12,9 @@
#include <dlfcn.h>
#include <netdb.h>
#include <fnmatch.h>
+#include <stdlib.h>
#include "defaults.h"
+#include <unistd.h>
#if 0
@@ -780,9 +782,15 @@ glusterfs_volfile_reconfigure (int oldvollen, FILE *newvolfile_fp,
glusterfs_graph_t *oldvolfile_graph = NULL;
glusterfs_graph_t *newvolfile_graph = NULL;
FILE *oldvolfile_fp = NULL;
+ /*Since the function mkstemp() replaces XXXXXX,
+ * assigning it to a variable
+ */
+ char temp_file[] = "/tmp/temp_vol_file_XXXXXX";
gf_boolean_t active_graph_found = _gf_true;
int ret = -1;
+ int u_ret = -1;
+ int file_desc = -1;
if (!oldvollen) {
ret = 1; // Has to call INIT for the whole graph
@@ -801,14 +809,32 @@ glusterfs_volfile_reconfigure (int oldvollen, FILE *newvolfile_fp,
gf_log ("glusterfsd-mgmt", GF_LOG_ERROR,
"glusterfs_ctx->active is NULL");
- oldvolfile_fp = tmpfile ();
- if (!oldvolfile_fp) {
+ file_desc = mkstemp(temp_file);
+ if (file_desc < 0) {
gf_log ("glusterfsd-mgmt", GF_LOG_ERROR, "Unable to "
"create temporary volfile: (%s)",
strerror (errno));
goto out;
}
+ /*Calling unlink so that when the file is closed or program
+ *terminates the tempfile is deleted.
+ */
+ u_ret = unlink(temp_file);
+
+ if (u_ret < 0) {
+ gf_log ("glusterfsd-mgmt", GF_LOG_ERROR,
+ "Temporary file delete failed. Reason: %s",
+ strerror (errno));
+ close (file_desc);
+ goto out;
+ }
+
+
+ oldvolfile_fp = fdopen (file_desc, "w+b");
+ if (!oldvolfile_fp)
+ goto out;
+
fwrite (oldvolfile, oldvollen, 1, oldvolfile_fp);
fflush (oldvolfile_fp);
if (ferror (oldvolfile_fp)) {
diff --git a/libglusterfs/src/statedump.c b/libglusterfs/src/statedump.c
index 3eebd2106f9..fc66421be2f 100644
--- a/libglusterfs/src/statedump.c
+++ b/libglusterfs/src/statedump.c
@@ -60,7 +60,9 @@ gf_proc_dump_open (char *tmpname)
{
int dump_fd = -1;
+ mode_t mask = umask(S_IRWXG | S_IRWXO);
dump_fd = mkstemp (tmpname);
+ umask(mask);
if (dump_fd < 0)
return -1;