From: Ben Collins <bcollins@openldap.org>
Date: Mon, 24 Apr 2000 16:36:55 +0000 (+0000)
Subject: with the -t option (writing to /tmp) open files with O_CREAT|O_EXCL to overcome race... 
X-Git-Tag: OPENLDAP_REL_ENG_1_2_11~33
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=7fa830b7549fd16ef26cc5e777c823438a597d9c;p=openldap

with the -t option (writing to /tmp) open files with O_CREAT|O_EXCL to overcome race conditions
---

diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c
index bed8e713fe..94bcb62909 100644
--- a/clients/tools/ldapsearch.c
+++ b/clients/tools/ldapsearch.c
@@ -2,6 +2,7 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <sys/stat.h>
 
 #include <ac/ctype.h>
 #include <ac/signal.h>
@@ -9,6 +10,14 @@
 #include <ac/string.h>
 #include <ac/time.h>
 #include <ac/unistd.h>
+#include <ac/errno.h>
+
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
 
 #include <lber.h>
 #include <ldap.h>
@@ -464,12 +473,15 @@ void print_entry(
 	} else if (( bvals = ldap_get_values_len( ld, entry, a )) != NULL ) {
 	    for ( i = 0; bvals[i] != NULL; i++ ) {
 		if ( vals2tmp ) {
+		    int tmpfd;
 		    sprintf( tmpfname, "/tmp/ldapsearch-%s-XXXXXX", a );
 		    tmpfp = NULL;
 
 		    if ( mktemp( tmpfname ) == NULL ) {
 			perror( tmpfname );
-		    } else if (( tmpfp = fopen( tmpfname, "w")) == NULL ) {
+		    } else if (( tmpfd = open( tmpfname, O_WRONLY|O_CREAT|O_EXCL, 0600 )) == -1 ) {
+			perror( tmpfname );
+		    } else if (( tmpfp = fdopen( tmpfd, "w")) == NULL ) {
 			perror( tmpfname );
 		    } else if ( fwrite( bvals[ i ]->bv_val,
 			    bvals[ i ]->bv_len, 1, tmpfp ) == 0 ) {
diff --git a/clients/ud/edit.c b/clients/ud/edit.c
index 8bdab14f9d..faf907ebee 100644
--- a/clients/ud/edit.c
+++ b/clients/ud/edit.c
@@ -14,6 +14,9 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
 
 #include <ac/signal.h>
 #include <ac/string.h>
@@ -40,7 +43,7 @@ static int  print_attrs_and_values( FILE *fp, struct attribute *attrs, short fla
 static int  ovalues( char *attr );
 static void write_entry( void );
 
-static char *entry_temp_file;
+static char entry_temp_file[L_tmpnam];
 
 
 void
@@ -113,7 +116,7 @@ load_editor( void )
 {
 	FILE *fp;
 	char *cp, *editor = UD_DEFAULT_EDITOR;
-	static char template[MED_BUF_SIZE];
+	int tmpfd;
 #ifndef HAVE_SPAWNLP
 	int pid;
 	int status;
@@ -126,13 +129,16 @@ load_editor( void )
 #endif
 
 	/* write the entry into a temp file */
-	(void) strcpy(template, "/tmp/udEdit.XXXXXX");
-	if ((entry_temp_file = mktemp(template)) == NULL) {
-		perror("mktemp");
-		return(-1);
+	if (tmpnam(entry_temp_file) == NULL) {
+		perror("tmpnam");
+		return -1;
 	}
-	if ((fp = fopen(entry_temp_file, "w")) == NULL) {
-		perror("fopen");
+	if ((tmpfd = open(entry_temp_file, O_WRONLY|O_CREAT|O_EXCL, 0600)) == -1) {
+		perror(entry_temp_file);
+		return -1;
+	}
+	if ((fp = fdopen(tmpfd, "w")) == NULL) {
+		perror("fdopen");
 		return(-1);
 	}
 	fprintf(fp, "## Directory entry of %s\n", Entry.name);