aboutsummaryrefslogtreecommitdiff
path: root/misc.h
diff options
context:
space:
mode:
authorDavid Sommerseth <dazo@users.sourceforge.net>2010-04-16 22:02:36 +0200
committerDavid Sommerseth <dazo@users.sourceforge.net>2010-04-27 23:07:38 +0200
commit61922ec59aceb3050fbdd799ff5d81a55243997f (patch)
treeb9a1d76d1884ac9259a4f2c7fae952c2c48a3051 /misc.h
parentMake use of counter_type instead of int when counting bytes and network packets (diff)
downloadopenvpn-61922ec59aceb3050fbdd799ff5d81a55243997f.tar.xz
Harden create_temp_filename() (version 2)
By hardening the create_temp_filename() function to check if the generated filename exists and to create the temp file with only S_IRUSR|S_IWUSR bit files set before calling the script, it should become even more difficult to exploit such a scenario. After a discussion on the mailing list, Fabian Knittel provided an enhanced version of the inital patch which is added to this patch. This patch also renames create_temp_filename() to create_temp_file(), as this patch also creates the temporary file. The function returns the filename of the created file, or NULL on error. Signed-off-by: David Sommerseth <dazo@users.sourceforge.net> Signed-off-by: Fabian Knittel <fabian.knittel@avona.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'misc.h')
-rw-r--r--misc.h4
1 files changed, 2 insertions, 2 deletions
diff --git a/misc.h b/misc.h
index bf51e89..e3ce19e 100644
--- a/misc.h
+++ b/misc.h
@@ -218,8 +218,8 @@ long int get_random(void);
/* return true if filename can be opened for read */
bool test_file (const char *filename);
-/* create a temporary filename in directory */
-const char *create_temp_filename (const char *directory, const char *prefix, struct gc_arena *gc);
+/* create a temporary file in directory, returns the filename of the created file */
+const char *create_temp_file (const char *directory, const char *prefix, struct gc_arena *gc);
/* put a directory and filename together */
const char *gen_path (const char *directory, const char *filename, struct gc_arena *gc);