From 886f65fabc50c256a7de57fd05281a75bba3cac9 Mon Sep 17 00:00:00 2001
From: Nandaja Varma <nvarma@redhat.com>
Date: Tue, 3 Feb 2015 16:35:33 +0530
Subject: libglusterfs: Fixing insecure temp file coverity issue

Coverity CID: 1124835

Change-Id: I7e87f2b3bad35cf8a9c64c8502de23662d9f677f
BUG: 789278
Signed-off-by: Nandaja Varma <nvarma@redhat.com>
Reviewed-on: http://review.gluster.org/9565
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Sakshi Bansal
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Prashanth Pai <ppai@redhat.com>
---
 libglusterfs/src/graph.c | 30 ++++++++++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)

(limited to 'libglusterfs/src/graph.c')

diff --git a/libglusterfs/src/graph.c b/libglusterfs/src/graph.c
index e3a864bf111..61f72130af3 100644
--- a/libglusterfs/src/graph.c
+++ b/libglusterfs/src/graph.c
@@ -12,7 +12,9 @@
 #include <dlfcn.h>
 #include <netdb.h>
 #include <fnmatch.h>
+#include <stdlib.h>
 #include "defaults.h"
+#include <unistd.h>
 
 
 #if 0
@@ -780,9 +782,15 @@ glusterfs_volfile_reconfigure (int oldvollen, FILE *newvolfile_fp,
         glusterfs_graph_t *oldvolfile_graph = NULL;
         glusterfs_graph_t *newvolfile_graph = NULL;
         FILE              *oldvolfile_fp    = NULL;
+        /*Since the function mkstemp() replaces XXXXXX,
+         * assigning it to a variable
+         */
+        char temp_file[]                    = "/tmp/temp_vol_file_XXXXXX";
         gf_boolean_t      active_graph_found = _gf_true;
 
         int ret = -1;
+        int u_ret = -1;
+        int file_desc = -1;
 
         if (!oldvollen) {
                 ret = 1; // Has to call INIT for the whole graph
@@ -801,14 +809,32 @@ glusterfs_volfile_reconfigure (int oldvollen, FILE *newvolfile_fp,
                 gf_log ("glusterfsd-mgmt", GF_LOG_ERROR,
                         "glusterfs_ctx->active is NULL");
 
-                oldvolfile_fp = tmpfile ();
-                if (!oldvolfile_fp) {
+                file_desc = mkstemp(temp_file);
+                if (file_desc < 0) {
                         gf_log ("glusterfsd-mgmt", GF_LOG_ERROR, "Unable to "
                                 "create temporary volfile: (%s)",
                                 strerror (errno));
                         goto out;
                 }
 
+                /*Calling unlink so that when the file is closed or program
+                 *terminates the tempfile is deleted.
+                 */
+                u_ret = unlink(temp_file);
+
+                if (u_ret < 0) {
+                        gf_log ("glusterfsd-mgmt", GF_LOG_ERROR,
+                                "Temporary file delete failed. Reason: %s",
+                                strerror (errno));
+                        close (file_desc);
+                        goto out;
+                }
+
+
+                oldvolfile_fp = fdopen (file_desc, "w+b");
+                if (!oldvolfile_fp)
+                        goto out;
+
                 fwrite (oldvolfile, oldvollen, 1, oldvolfile_fp);
                 fflush (oldvolfile_fp);
                 if (ferror (oldvolfile_fp)) {
-- 
cgit