public inbox for cluster-cvs@sourceware.org help / color / mirror / Atom feed
From: Bob Peterson <rpeterso@fedoraproject.org> To: cluster-cvs-relay@redhat.com Subject: cluster: RHEL5 - gfs2: randomize debugfs mount point even more Date: Mon, 04 May 2009 19:31:00 -0000 [thread overview] Message-ID: <20090504193100.4997712025B@lists.fedorahosted.org> (raw) Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=1ea6d6c4680dfd0cdd43c4df8580d84789f75870 Commit: 1ea6d6c4680dfd0cdd43c4df8580d84789f75870 Parent: 07ff0098221e31673e0b61ac5dcd679dcd13c9f5 Author: Bob Peterson <rpeterso@redhat.com> AuthorDate: Mon May 4 11:26:56 2009 -0500 Committer: Bob Peterson <rpeterso@redhat.com> CommitterDate: Mon May 4 11:26:56 2009 -0500 gfs2: randomize debugfs mount point even more bz 498950 - cluster product is affected by several symlink attack vulnerabilities 18b24ae55c3e4abdc256a3b6c4f15ae0116a0f14 didn't introduce enough security. Switch to mkdtemp(3) and cleanup unrequired code as a consequence. --- gfs2/edit/savemeta.c | 15 ++++++++++----- 1 files changed, 10 insertions(+), 5 deletions(-) diff --git a/gfs2/edit/savemeta.c b/gfs2/edit/savemeta.c index de99cb7..29ddbb8 100644 --- a/gfs2/edit/savemeta.c +++ b/gfs2/edit/savemeta.c @@ -36,7 +36,7 @@ #include "libgfs2.h" #define BUFSIZE (4096) -#define DFT_SAVE_FILE "/tmp/gfsmeta" +#define DFT_SAVE_FILE "/tmp/gfsmeta.XXXXXX" #define MAX_JOURNALS_SAVED 256 struct saved_metablock { @@ -418,7 +418,7 @@ void get_journal_inode_blocks(void) } } -void savemeta(const char *out_fn, int saveoption) +void savemeta(char *out_fn, int saveoption) { int out_fd; int slow; @@ -431,9 +431,14 @@ void savemeta(const char *out_fn, int saveoption) slow = (saveoption == 1); sbd.md.journals = 1; - if (!out_fn) - out_fn = DFT_SAVE_FILE; - out_fd = open(out_fn, O_RDWR | O_CREAT, 0644); + if (!out_fn) { + out_fn = strdup(DFT_SAVE_FILE); + if (!out_fn) + die("Can't allocate memory for the operation.\n"); + out_fd = mkstemp(out_fn); + } else + out_fd = open(out_fn, O_RDWR | O_CREAT, 0644); + if (out_fd < 0) die("Can't open %s: %s\n", out_fn, strerror(errno));
next reply other threads:[~2009-05-04 19:31 UTC|newest] Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top 2009-05-04 19:31 Bob Peterson [this message] 2009-05-04 19:31 Bob Peterson
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20090504193100.4997712025B@lists.fedorahosted.org \ --to=rpeterso@fedoraproject.org \ --cc=cluster-cvs-relay@redhat.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).