qpkg: fix Coverity 125928 Insecure temporary file

Signed-off-by: Fabian Groffen <grobian@gentoo.org>
author: Fabian Groffen <grobian@gentoo.org> 2020-01-22 20:53:01 +0100
committer: Fabian Groffen <grobian@gentoo.org> 2020-01-22 20:53:01 +0100
commit: 2a819a2ff765005b4e6dbda35f794443c27522ee (patch)
tree: 942d0090b0e981a39561be4e84afc74788db8bd9 /qpkg.c
parent: qpkg: fix Coverity 125923 Resource leak (diff)
download: portage-utils-2a819a2ff765005b4e6dbda35f794443c27522ee.tar.gz
portage-utils-2a819a2ff765005b4e6dbda35f794443c27522ee.tar.bz2
portage-utils-2a819a2ff765005b4e6dbda35f794443c27522ee.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/qpkg.c b/qpkg.c
index 948d564b..eaca37b4 100644
--- a/qpkg.c
+++ b/qpkg.c
@@ -179,6 +179,7 @@ qpkg_make(depend_atom *atom)
 	int i;
 	char *xpak_argv[2];
 	struct stat st;
+	mode_t mask;
 
 	if (pretend) {
 		printf(" %s-%s %s:\n",
@@ -197,7 +198,10 @@ qpkg_make(depend_atom *atom)
 	}
 
 	snprintf(tmpdir, sizeof(tmpdir), "%s/qpkg.XXXXXX", qpkg_bindir);
-	if ((i = mkstemp(tmpdir)) == -1) {
+	mask = umask(0077);
+	i = mkstemp(tmpdir);
+	umask(mask);
+	if (i == -1) {
 		fclose(fp);
 		free(buf);
 		return -2;
author	Fabian Groffen <grobian@gentoo.org>	2020-01-22 20:53:01 +0100
committer	Fabian Groffen <grobian@gentoo.org>	2020-01-22 20:53:01 +0100
commit	2a819a2ff765005b4e6dbda35f794443c27522ee (patch)
tree	942d0090b0e981a39561be4e84afc74788db8bd9 /qpkg.c
parent	qpkg: fix Coverity 125923 Resource leak (diff)
download	portage-utils-2a819a2ff765005b4e6dbda35f794443c27522ee.tar.gz portage-utils-2a819a2ff765005b4e6dbda35f794443c27522ee.tar.bz2 portage-utils-2a819a2ff765005b4e6dbda35f794443c27522ee.zip