From b8352f46d7d45631d38fc120ccda09268818a686 Mon Sep 17 00:00:00 2001
From: "Steinar H. Gunderson" <sgunderson@bigfoot.com>
Date: Fri, 19 Apr 2013 19:23:24 +0200
Subject: [PATCH] Set umask security before calling mkstemp().

Found by Coverity Scan.
---
 util.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/util.cpp b/util.cpp
index b8862ed..45bf5b5 100644
--- a/util.cpp
+++ b/util.cpp
@@ -3,6 +3,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
+#include <sys/stat.h>
+#include <sys/types.h>
 
 #include "log.h"
 #include "util.h"
@@ -12,7 +14,9 @@ using namespace std;
 int make_tempfile(const std::string &contents)
 {
 	char filename[] = "/tmp/cubemap.XXXXXX";
+	mode_t old_umask = umask(0600);
 	int fd = mkstemp(filename);
+	umask(old_umask);
 	if (fd == -1) {
 		log_perror("mkstemp");
 		return -1;
-- 
2.39.2