https://bugzilla.redhat.com/show_bug.cgi?id=871756
Commit
cd1e8d1 assumed that systems new enough to have journald
also have mkostemp; but this is not true for uclibc.
For that matter, use of mkstemp[s] is unsafe in a multi-threaded
program. We should prefer mkostemp[s] in the first place.
* bootstrap.conf (gnulib_modules): Add mkostemp, mkostemps; drop
mkstemp and mkstemps.
* cfg.mk (sc_prohibit_mkstemp): New syntax check.
* tools/virsh.c (vshEditWriteToTempFile): Adjust caller.
* src/qemu/qemu_driver.c (qemuDomainScreenshot)
(qemudDomainMemoryPeek): Likewise.
* src/secret/secret_driver.c (replaceFile): Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainScreenshot): Likewise.
localeconv
maintainer-makefile
manywarnings
-mkstemp
-mkstemps
+mkostemp
+mkostemps
mktempd
net_if
netdb
halt='use virCommand for child processes' \
$(_sc_search_regexp)
+# Prefer mkostemp with O_CLOEXEC.
+sc_prohibit_mkstemp:
+ @prohibit='[^"]\<mkstemps? *\(' \
+ halt='use mkostemp with O_CLOEXEC instead of mkstemp' \
+ $(_sc_search_regexp)
+
# access with X_OK accepts directories, but we can't exec() those.
# access with F_OK or R_OK is okay, though.
sc_prohibit_access_xok:
goto endjob;
}
- if ((tmp_fd = mkstemp(tmp)) == -1) {
- virReportSystemError(errno, _("mkstemp(\"%s\") failed"), tmp);
+ if ((tmp_fd = mkostemp(tmp, O_CLOEXEC)) == -1) {
+ virReportSystemError(errno, _("mkostemp(\"%s\") failed"), tmp);
goto endjob;
}
unlink_tmp = true;
}
/* Create a temporary filename. */
- if ((fd = mkstemp (tmp)) == -1) {
+ if ((fd = mkostemp(tmp, O_CLOEXEC)) == -1) {
virReportSystemError(errno,
- _("mkstemp(\"%s\") failed"), tmp);
+ _("mkostemp(\"%s\") failed"), tmp);
goto endjob;
}
virReportOOMError();
goto cleanup;
}
- fd = mkstemp (tmp_path);
+ fd = mkostemp(tmp_path, O_CLOEXEC);
if (fd == -1) {
- virReportSystemError(errno, _("mkstemp('%s') failed"), tmp_path);
+ virReportSystemError(errno, _("mkostemp('%s') failed"), tmp_path);
goto cleanup;
}
if (fchmod(fd, S_IRUSR | S_IWUSR) != 0) {
return NULL;
}
- if ((tmp_fd = mkstemp(tmp)) == -1) {
- virReportSystemError(errno, _("mkstemp(\"%s\") failed"), tmp);
+ if ((tmp_fd = mkostemp(tmp, O_CLOEXEC)) == -1) {
+ virReportSystemError(errno, _("mkostemp(\"%s\") failed"), tmp);
VIR_FREE(tmp);
VBOX_RELEASE(machine);
return NULL;
vshError(ctl, "%s", _("out of memory"));
return NULL;
}
- fd = mkstemps(ret, 4);
+ fd = mkostemps(ret, 4, O_CLOEXEC);
if (fd == -1) {
- vshError(ctl, _("mkstemps: failed to create temporary file: %s"),
+ vshError(ctl, _("mkostemps: failed to create temporary file: %s"),
virStrerror(errno, ebuf, sizeof(ebuf)));
VIR_FREE(ret);
return NULL;
projects / libvirt.git / commitdiff