diff options
| author | Jarkko Hietaniemi <jhi@iki.fi> | 2014-04-24 12:23:18 -0400 |
|---|---|---|
| committer | Steffen Mueller <smueller@cpan.org> | 2014-05-28 19:27:22 +0200 |
| commit | 60f7fc1ea42054e92f34b4ce9d608efd14357392 (patch) | |
| tree | 28c83d8e07c36a239f75ef63cb66708b503152ed /perlio.c | |
| parent | c67159e16ee2c8d23fc3c3a55448ffbda709b3f6 (diff) | |
| download | perl-60f7fc1ea42054e92f34b4ce9d608efd14357392.tar.gz | |
Fix for Coverity perl5 CID 29068: Insecure temporary file (SECURE_TEMP) secure_temp: Calling mkstemp() without securely setting umask first.
The umask used for mkstemp should be secure, but umask 0600 has been
the required umask only since POSIX.1-2008. In glibc 2.06 and earlier
the default was 0666, which is not secure. And no explicit knowledge
of how well non-glibc platforms implement mkstemp. Better err on the
side security, so set the umask temporarily to 0600, and then restore it.
Diffstat (limited to 'perlio.c')
| -rw-r--r-- | perlio.c | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -4962,6 +4962,7 @@ PerlIO_tmpfile(void) char tempname[] = "/tmp/PerlIO_XXXXXX"; const char * const tmpdir = TAINTING_get ? NULL : PerlEnv_getenv("TMPDIR"); SV * sv = NULL; + int old_umask = umask(0600); /* * I have no idea how portable mkstemp() is ... NI-S */ @@ -4983,6 +4984,7 @@ PerlIO_tmpfile(void) sv_catpv(sv, tempname + 4); fd = mkstemp(SvPVX(sv)); } + umask(old_umask); if (fd >= 0) { f = PerlIO_fdopen(fd, "w+"); if (f) |