svn commit: r190485 - in head/lib/libc/db: btree hash

Fri, 27 Mar 2009 22:57:53 -0700 

Author: delphij
Date: Sat Mar 28 05:57:27 2009
New Revision: 190485
URL: http://svn.freebsd.org/changeset/base/190485

Log:
  db/btree/bt_open.c: check return value of snprintf() and return value
  if the result is truncated.
  
  db/hash/hash_page.c: use the same way to create temporary file as
  bt_open.c; check snprintf() return value.
  
  Obtained from:        OpenBSD

Modified:
  head/lib/libc/db/btree/bt_open.c
  head/lib/libc/db/hash/hash_page.c

Modified: head/lib/libc/db/btree/bt_open.c
==============================================================================
--- head/lib/libc/db/btree/bt_open.c    Sat Mar 28 05:45:29 2009        
(r190484)
+++ head/lib/libc/db/btree/bt_open.c    Sat Mar 28 05:57:27 2009        
(r190485)
@@ -383,14 +383,18 @@ static int
 tmp(void)
 {
        sigset_t set, oset;
-       int fd;
+       int fd, len;
        char *envtmp = NULL;
        char path[MAXPATHLEN];
 
        if (issetugid() == 0)
                envtmp = getenv("TMPDIR");
-       (void)snprintf(path,
+       len = snprintf(path,
            sizeof(path), "%s/bt.XXXXXXXXXX", envtmp ? envtmp : "/tmp");
+       if (len < 0 || len >= (int)sizeof(path)) {
+               errno = ENAMETOOLONG;
+               return(-1);
+       }
 
        (void)sigfillset(&set);
        (void)_sigprocmask(SIG_BLOCK, &set, &oset);

Modified: head/lib/libc/db/hash/hash_page.c
==============================================================================
--- head/lib/libc/db/hash/hash_page.c   Sat Mar 28 05:45:29 2009        
(r190484)
+++ head/lib/libc/db/hash/hash_page.c   Sat Mar 28 05:57:27 2009        
(r190485)
@@ -53,7 +53,7 @@ __FBSDID("$FreeBSD$");
  */
 
 #include "namespace.h"
-#include <sys/types.h>
+#include <sys/param.h>
 
 #include <errno.h>
 #include <fcntl.h>
@@ -833,13 +833,24 @@ static int
 open_temp(HTAB *hashp)
 {
        sigset_t set, oset;
-       static char namestr[] = "_hashXXXXXX";
+       int len;
+       char *envtmp = NULL;
+       char path[MAXPATHLEN];
+
+       if (issetugid() == 0)
+               envtmp = getenv("TMPDIR");
+       len = snprintf(path,
+           sizeof(path), "%s/_hash.XXXXXX", envtmp ? envtmp : "/tmp");
+       if (len < 0 || len >= sizeof(path)) {
+               errno = ENAMETOOLONG;
+               return (-1);
+       }
 
        /* Block signals; make sure file goes away at process exit. */
        (void)sigfillset(&set);
        (void)_sigprocmask(SIG_BLOCK, &set, &oset);
-       if ((hashp->fp = mkstemp(namestr)) != -1) {
-               (void)unlink(namestr);
+       if ((hashp->fp = mkstemp(path)) != -1) {
+               (void)unlink(path);
                (void)_fcntl(hashp->fp, F_SETFD, 1);
        }
        (void)_sigprocmask(SIG_SETMASK, &oset, (sigset_t *)NULL);
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to