kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

mktemp() vulnerability removed.

Browse source 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_4@795 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
matz 2000-06-30 09:13:33 +00:00
parent 982e6e91a7
commit d525aa0441
3 changed files with 19 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
ruby.c
View file

@ -19,6 +19,7 @@
#include <stdio.h>
#include <sys/types.h>
#include <ctype.h>
#include <fcntl.h>
#ifdef __hpux
#include <sys/pstat.h>
@ -342,9 +343,14 @@ proc_options(argcp, argvp)
exit(2);
}
if (!e_fp) {
int fd;
e_tmpname = ruby_mktemp();
if (!e_tmpname) rb_fatal("Can't mktemp");
e_fp = fopen(e_tmpname, "w");
fd = open(e_tmpname, O_CREAT|O_EXCL|O_RDWR, 0600);
if (fd < 0) {
rb_fatal("Cannot open temporary file: %s", e_tmpname);
}
e_fp = fdopen(fd, "w");
if (!e_fp) {
rb_fatal("Cannot open temporary file: %s", e_tmpname);
}