Changeset 50522b5


Ignore:
Timestamp:
Jul 16, 2010, 7:43:42 PM (11 years ago)
Author:
Nelson Elhage <nelhage@mit.edu>
Branches:
master, release-1.7, release-1.8, release-1.9
Children:
26ad412
Parents:
d12a8c7
git-author:
Nelson Elhage <nelhage@mit.edu> (07/15/10 23:38:45)
git-committer:
Nelson Elhage <nelhage@mit.edu> (07/16/10 19:43:42)
Message:
Open the debug file using O_EXCL and an explicit mode.

We write potentially sensitive data out to the debug log, so we should protect
it.

Reported-by: Geoffrey Thomas <geofft@mit.edu>
File:
1 edited

Legend:

Unmodified
Added
Removed
  • global.c

    rd12a8c7 r50522b5  
    10811081  if (g->debug_file == NULL ||
    10821082      (open_file && strcmp(filename, open_file) != 0)) {
     1083    int fd;
     1084
    10831085    if (g->debug_file)
    10841086      fclose(g->debug_file);
    1085     g->debug_file = fopen(filename, "a");
     1087
     1088    g->debug_file = NULL;
     1089
     1090    fd = open(filename, O_CREAT|O_WRONLY|O_EXCL, 0600);
     1091    if (fd >= 0)
     1092      g->debug_file = fdopen(fd, "a");
    10861093
    10871094    owl_free(open_file);
Note: See TracChangeset for help on using the changeset viewer.