projects / musl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3b00675)
fix error cases in mkostemps core
authorRich Felker <dalias@aerifal.cx>
Thu, 21 Feb 2013 03:58:46 +0000 (22:58 -0500)
committerRich Felker <dalias@aerifal.cx>
Thu, 21 Feb 2013 03:58:46 +0000 (22:58 -0500)
1. wrong return value and missing errno for negative suffix len
2. failure to catch suffix len > strlen
3. remove unwanted clearing of input string in invalid case

src/temp/mkostemps.c patch | blob | history

diff --git a/src/temp/mkostemps.c b/src/temp/mkostemps.c
index 804a547..d87d4b6 100644 (file)
--- a/src/temp/mkostemps.c
+++ b/src/temp/mkostemps.c
@@ -9,18 +9,15 @@ char *__randname(char *);
 
 int __mkostemps(char *template, int len, int flags)
 {
 
 int __mkostemps(char *template, int len, int flags)
 {
-       if (len < 0) return EINVAL;
-
-       size_t l = strlen(template)-len;
-       if (l < 6 || strncmp(template+l-6, "XXXXXX", 6)) {
+       size_t l = strlen(template);
+       if (l<6 || len>l-6 || strncmp(template+l-len-6, "XXXXXX", 6)) {
                errno = EINVAL;
                errno = EINVAL;
-               *template = 0;
                return -1;
        }
 
        int fd, retries = 100;
        while (retries--) {
                return -1;
        }
 
        int fd, retries = 100;
        while (retries--) {
-               __randname(template+l-6);
+               __randname(template+l-len-6);
                if ((fd = open(template, flags | O_RDWR | O_CREAT | O_EXCL, 0600))>=0)
                        return fd;
                if (errno != EEXIST) return -1;
                if ((fd = open(template, flags | O_RDWR | O_CREAT | O_EXCL, 0600))>=0)
                        return fd;
                if (errno != EEXIST) return -1;
musl