Bug 1234524 - Fixing a potentially unsafe chmod call in sdb.c, r=franziskus

author: Michelangelo De Simone <mdesimone@mozilla.com> 2016-03-29 14:36:19 -0700
committer: Michelangelo De Simone <mdesimone@mozilla.com> 2016-03-29 14:36:19 -0700
commit: f89f30b4b92511c3d7f34d7e275abb44996c028d (patch)
tree: 5131c69e27c762f53bd5b1e6ea74f86fc0b5fce1
parent: 5bf28aa393d17e5b468633f53c8dc2a5b68feb40 (diff)
download: nss-hg-f89f30b4b92511c3d7f34d7e275abb44996c028d.tar.gz
1 files changed, 10 insertions, 6 deletions
diff --git a/lib/softoken/sdb.c b/lib/softoken/sdb.c
index 85da23bfe..c100304b2 100644
--- a/lib/softoken/sdb.c
+++ b/lib/softoken/sdb.c
@@ -411,7 +411,7 @@ sdb_measureAccess(const char *directory)
 	 * temp remains unchanged during our loop. */
         PR_snprintf(tempStartOfFilename, maxFileNameLen,
 		    ".%lu%s", (PRUint32)(time+i), doesntExistName);
-	PR_Access(temp,PR_ACCESS_EXISTS);
+	PR_Access(temp, PR_ACCESS_EXISTS);
 	next = PR_IntervalNow();
 	delta = next - time;
 	if (delta >= duration)
@@ -1730,11 +1730,15 @@ sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate,
 	error = sdb_mapSQLError(type, sqlerr); 
 	goto loser;
     }
-    /* sql created the file, but it doesn't set appropriate modes for
-     * a database */
-    if (create) {
-	/* NO NSPR call for this? :( */
-	chmod (dbname, 0600);
+
+    /*
+     * SQL created the file, but it doesn't set appropriate modes for
+     * a database.
+     *
+     * NO NSPR call for chmod? :(
+     */
+    if (create && !chmod(dbname, 0600)) {
+        goto loser;
     }
 
     if (flags != SDB_RDONLY) {
author	Michelangelo De Simone <mdesimone@mozilla.com>	2016-03-29 14:36:19 -0700
committer	Michelangelo De Simone <mdesimone@mozilla.com>	2016-03-29 14:36:19 -0700
commit	f89f30b4b92511c3d7f34d7e275abb44996c028d (patch)
tree	5131c69e27c762f53bd5b1e6ea74f86fc0b5fce1
parent	5bf28aa393d17e5b468633f53c8dc2a5b68feb40 (diff)
download	nss-hg-f89f30b4b92511c3d7f34d7e275abb44996c028d.tar.gz