oss-sec mailing list archives

Re: Fw: Security risk of vim swap files


From: Solar Designer <solar () openwall com>
Date: Wed, 1 Nov 2017 19:12:09 +0100

On Wed, Nov 01, 2017 at 07:02:22PM +0100, Jakub Wilk wrote:
> Unfortunately, glibc's implementation of tmpfile(3), which is the most
> fool-proof interface for dealing with temporary files that the C library
> offers, doesn't honour TMPDIR. :(

We've been carrying a patch for this for ages:

* Sun Dec 07 2003 Solar Designer <solar-at-owl.openwall.com> 2.1.3-owl37
- Allow tmpfile(3) to use $TMPDIR, thanks to the report and patch by
(GalaxyMaster).  Certain other implementations are known to do the same.

diff -uNrp glibc-2.3.2.orig/libio/oldtmpfile.c glibc-2.3.2/libio/oldtmpfile.c
--- glibc-2.3.2.orig/libio/oldtmpfile.c 2002-04-08 07:02:09 +0000
+++ glibc-2.3.2/libio/oldtmpfile.c      2004-03-08 08:07:57 +0000
@@ -35,7 +35,7 @@ __old_tmpfile (void)
   int fd;
   FILE *f;
 
-  if (__path_search (buf, FILENAME_MAX, NULL, "tmpf", 0))
+  if (__path_search (buf, FILENAME_MAX, NULL, "tmpf", 1))
     return NULL;
   fd = __gen_tempname (buf, __GT_FILE);
   if (fd < 0)
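
Review bot: In __old_tmpfile, the last argument to __path_search changes from 0 to 1 as a bare literal, so nothing at the call site says that this flag is what lets $TMPDIR take effect (the purpose given in the changelog entry). A one-line comment above the call, for example "/* 1: allow $TMPDIR to select the directory */", would keep the intent visible when this patch is carried forward to newer glibc versions.
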
diff -uNrp glibc-2.3.2.orig/sysdeps/generic/tmpfile.c glibc-2.3.2/sysdeps/generic/tmpfile.c
--- glibc-2.3.2.orig/sysdeps/generic/tmpfile.c  2002-06-12 20:57:46 +0000
+++ glibc-2.3.2/sysdeps/generic/tmpfile.c       2004-03-08 08:21:53 +0000
@@ -43,7 +43,7 @@ tmpfile (void)
   int fd;
   FILE *f;
 
-  if (__path_search (buf, FILENAME_MAX, NULL, "tmpf", 0))
+  if (__path_search (buf, FILENAME_MAX, NULL, "tmpf", 1))
     return NULL;
   fd = __gen_tempname (buf, GEN_THIS);
   if (fd < 0)
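
Review bot: In tmpfile(), passing 1 to __path_search makes the temporary file's directory depend on the environment, and the hunk does not show what happens when the caller is set-uid or set-gid, or when $TMPDIR names a missing or unwritable directory. Please confirm that __path_search ignores $TMPDIR for privileged processes and falls back to the default directory in the other cases, and note the new $TMPDIR behaviour in the tmpfile(3) documentation.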

Alexander

