1Create better temporary files. 2 3Probably-Signed-off-by: Dave Bender <bender@benegon.com> 4[yann.morin.1998@free.fr: patch was made by Dave, but he 5 forgot his SoB line, so I added it; split the patch in two 6 independent fixes] 7Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> 8 9diff -rupN cgic206/cgic.c cgic206_tempfile/cgic.c 10--- cgic206/cgic.c 2014-03-16 18:17:11.000000000 -0400 11+++ cgic206_tempfile/cgic.c 2015-01-21 11:58:45.436384908 -0500 12@@ -22,6 +22,8 @@ 13 #define CGICDEBUGEND 14 #endif /* CGICDEBUG */ 15 16+#define _GNU_SOURCE 17+ 18 #include <stdio.h> 19 #include <string.h> 20 #include <ctype.h> 21@@ -34,11 +36,11 @@ 22 #include <io.h> 23 24 /* cgic 2.01 */ 25-#include <fcntl.h> 26 27 #else 28 #include <unistd.h> 29 #endif /* WIN32 */ 30+#include <fcntl.h> 31 #include "cgic.h" 32 33 #define cgiStrEq(a, b) (!strcmp((a), (b))) 34@@ -636,16 +638,17 @@ static cgiParseResultType getTempFileNam 35 window between the file's creation and the 36 chmod call (glibc 2.0.6 and lower might 37 otherwise have allowed this). */ 38+ mode_t umode; 39 int outfd; 40+ umode = umask(0600); 41 strcpy(tfileName, cgicTempDir "/cgicXXXXXX"); 42- outfd = mkstemp(tfileName); 43+ outfd = mkostemp(tfileName, O_CLOEXEC | O_NOATIME); 44+ umask(umode); 45 if (outfd == -1) { 46 return cgiParseIO; 47 } 48- close(outfd); 49- /* Fix the permissions */ 50- if (chmod(tfileName, 0600) != 0) { 51- unlink(tfileName); 52+ 53+ if (close(outfd)) { 54 return cgiParseIO; 55 } 56 #else 57