[dm-devel] [PATCH v2 12/21] libmultipath (coverity): set umask before mkstemp
mwilck at suse.com
mwilck at suse.com
Wed Dec 1 12:36:41 UTC 2021
From: Martin Wilck <mwilck at suse.com>
Coverity SECURE_TEMP
(https://scan4.coverity.com/doc/en/cov_checker_ref.html#static_checker_SECURE_TEMP).
multipathd sets this umask anyway, but multipath doesn't.
Reviewed-by: Benjamin Marzinski <bmarzins at redhat.com>
Signed-off-by: Martin Wilck <mwilck at suse.com>
---
libmultipath/alias.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libmultipath/alias.c b/libmultipath/alias.c
index 6ae512c..87c33af 100644
--- a/libmultipath/alias.c
+++ b/libmultipath/alias.c
@@ -578,13 +578,17 @@ static int fix_bindings_file(const struct config *conf,
int rc;
long fd;
char tempname[PATH_MAX];
+ mode_t old_umask;
if (safe_sprintf(tempname, "%s.XXXXXX", conf->bindings_file))
return -1;
+ /* coverity: SECURE_TEMP */
+ old_umask = umask(0077);
if ((fd = mkstemp(tempname)) == -1) {
condlog(1, "%s: mkstemp: %m", __func__);
return -1;
}
+ umask(old_umask);
pthread_cleanup_push(close_fd, (void*)fd);
rc = write_bindings_file(bindings, fd);
pthread_cleanup_pop(1);
--
2.33.1
More information about the dm-devel
mailing list