Set umask security before calling mkstemp().
authorSteinar H. Gunderson <sgunderson@bigfoot.com>
Fri, 19 Apr 2013 17:23:24 +0000 (19:23 +0200)
committerSteinar H. Gunderson <sgunderson@bigfoot.com>
Fri, 19 Apr 2013 17:23:24 +0000 (19:23 +0200)
Found by Coverity Scan.

util.cpp

index b8862ed..45bf5b5 100644 (file)
--- a/util.cpp
+++ b/util.cpp
@@ -3,6 +3,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
+#include <sys/stat.h>
+#include <sys/types.h>
 
 #include "log.h"
 #include "util.h"
@@ -12,7 +14,9 @@ using namespace std;
 int make_tempfile(const std::string &contents)
 {
        char filename[] = "/tmp/cubemap.XXXXXX";
+       mode_t old_umask = umask(0600);
        int fd = mkstemp(filename);
+       umask(old_umask);
        if (fd == -1) {
                log_perror("mkstemp");
                return -1;