summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/journal/coredumpctl.c2
-rw-r--r--src/journal/journalctl.c2
-rw-r--r--src/journal/test-catalog.c9
-rw-r--r--src/journal/test-mmap-cache.c7
-rw-r--r--src/shared/ask-password-api.c5
-rw-r--r--src/shared/util.c8
-rw-r--r--src/test/test-fileio.c10
-rw-r--r--src/test/test-tmpfiles.c4
-rw-r--r--src/test/test-unit-file.c18
-rw-r--r--src/test/test-util.c8
10 files changed, 43 insertions, 30 deletions
diff --git a/src/journal/coredumpctl.c b/src/journal/coredumpctl.c
index e564ab656c..3bceb48ff7 100644
--- a/src/journal/coredumpctl.c
+++ b/src/journal/coredumpctl.c
@@ -472,7 +472,7 @@ static int run_gdb(sd_journal *j) {
data = (const uint8_t*) data + 9;
len -= 9;
- fd = mkostemp(path, O_WRONLY);
+ fd = mkostemp_safe(path, O_WRONLY|O_CLOEXEC);
if (fd < 0) {
log_error("Failed to create temporary file: %m");
return -errno;
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 2d99ade117..482795bd38 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -1286,7 +1286,7 @@ static int setup_keys(void) {
n /= arg_interval;
close_nointr_nofail(fd);
- fd = mkostemp(k, O_WRONLY|O_CLOEXEC|O_NOCTTY);
+ fd = mkostemp_safe(k, O_WRONLY|O_CLOEXEC);
if (fd < 0) {
log_error("Failed to open %s: %m", k);
r = -errno;
diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c
index ffe180265b..b087a8b81c 100644
--- a/src/journal/test-catalog.c
+++ b/src/journal/test-catalog.c
@@ -24,6 +24,7 @@
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
+#include <fcntl.h>
#include "util.h"
#include "log.h"
@@ -45,7 +46,9 @@ static void test_import(Hashmap *h, struct strbuf *sb,
const char* contents, ssize_t size, int code) {
int r;
char name[] = "/tmp/test-catalog.XXXXXX";
- _cleanup_close_ int fd = mkstemp(name);
+ _cleanup_close_ int fd;
+
+ fd = mkostemp_safe(name, O_RDWR|O_CLOEXEC);
assert(fd >= 0);
assert_se(write(fd, contents, size) == size);
@@ -98,10 +101,10 @@ static void test_catalog_importing(void) {
static const char* database = NULL;
static void test_catalog_update(void) {
+ static char name[] = "/tmp/test-catalog.XXXXXX";
int r;
- static char name[] = "/tmp/test-catalog.XXXXXX";
- r = mkstemp(name);
+ r = mkostemp_safe(name, O_RDWR|O_CLOEXEC);
assert(r >= 0);
database = name;
diff --git a/src/journal/test-mmap-cache.c b/src/journal/test-mmap-cache.c
index e2ffaf4723..7d03bfe9d1 100644
--- a/src/journal/test-mmap-cache.c
+++ b/src/journal/test-mmap-cache.c
@@ -22,6 +22,7 @@
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>
+#include <fcntl.h>
#include "log.h"
#include "macro.h"
@@ -36,15 +37,15 @@ int main(int argc, char *argv[]) {
assert_se(m = mmap_cache_new());
- x = mkstemp(px);
+ x = mkostemp_safe(px, O_RDWR|O_CLOEXEC);
assert(x >= 0);
unlink(px);
- y = mkstemp(py);
+ y = mkostemp_safe(py, O_RDWR|O_CLOEXEC);
assert(y >= 0);
unlink(py);
- z = mkstemp(pz);
+ z = mkostemp_safe(pz, O_RDWR|O_CLOEXEC);
assert(z >= 0);
unlink(pz);
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index c9c82b2520..a328f145e9 100644
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -325,10 +325,7 @@ int ask_password_agent(
mkdir_p_label("/run/systemd/ask-password", 0755);
- RUN_WITH_UMASK(0022) {
- fd = mkostemp(temp, O_CLOEXEC|O_CREAT|O_WRONLY);
- }
-
+ fd = mkostemp_safe(temp, O_WRONLY|O_CLOEXEC);
if (fd < 0) {
log_error("Failed to create password file: %m");
r = -errno;
diff --git a/src/shared/util.c b/src/shared/util.c
index f9cbb2073c..2b91ef8a8f 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -3893,7 +3893,7 @@ int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
t[k] = '.';
stpcpy(stpcpy(t+k+1, fn), "XXXXXX");
- fd = mkostemp(t, O_WRONLY|O_CLOEXEC);
+ fd = mkostemp_safe(t, O_WRONLY|O_CLOEXEC);
if (fd < 0) {
free(t);
return -errno;
@@ -6115,11 +6115,15 @@ int mkostemp_safe(char *pattern, int flags) {
unsigned long tries = TMP_MAX;
char *s;
int r;
+ _cleanup_umask_ mode_t u;
assert(pattern);
+ u = umask(077);
+
/* This is much like like mkostemp() but avoids using any
- * static variables, thus is async signal safe */
+ * static variables, thus is async signal safe. Also, it's not
+ * subject to umask(). */
s = endswith(pattern, "XXXXXX");
if (!s)
diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c
index eb4fbc91d2..47a0907f90 100644
--- a/src/test/test-fileio.c
+++ b/src/test/test-fileio.c
@@ -41,11 +41,11 @@ static void test_parse_env_file(void) {
char **i;
unsigned k;
- fd = mkstemp(p);
+ fd = mkostemp_safe(p, O_RDWR|O_CLOEXEC);
assert_se(fd >= 0);
close(fd);
- fd = mkostemp(t, O_CLOEXEC);
+ fd = mkostemp_safe(t, O_RDWR|O_CLOEXEC);
assert_se(fd >= 0);
f = fdopen(fd, "w");
@@ -154,11 +154,11 @@ static void test_parse_multiline_env_file(void) {
_cleanup_strv_free_ char **a = NULL, **b = NULL;
char **i;
- fd = mkstemp(p);
+ fd = mkostemp_safe(p, O_RDWR|O_CLOEXEC);
assert_se(fd >= 0);
close(fd);
- fd = mkostemp(t, O_CLOEXEC);
+ fd = mkostemp_safe(t, O_RDWR|O_CLOEXEC);
assert_se(fd >= 0);
f = fdopen(fd, "w");
@@ -207,7 +207,7 @@ static void test_executable_is_script(void) {
FILE *f;
char *command;
- fd = mkostemp(t, O_CLOEXEC);
+ fd = mkostemp_safe(t, O_RDWR|O_CLOEXEC);
assert_se(fd >= 0);
f = fdopen(fd, "w");
diff --git a/src/test/test-tmpfiles.c b/src/test/test-tmpfiles.c
index f25a0dca52..565f0f8b40 100644
--- a/src/test/test-tmpfiles.c
+++ b/src/test/test-tmpfiles.c
@@ -34,13 +34,13 @@ int main(int argc, char** argv) {
_cleanup_close_ int fd, fd2;
_cleanup_free_ char *cmd, *cmd2;
- fd = open_tmpfile(p, O_RDWR);
+ fd = open_tmpfile(p, O_RDWR|O_CLOEXEC);
assert(fd >= 0);
assert_se(asprintf(&cmd, "ls -l /proc/"PID_FMT"/fd/%d", getpid(), fd) > 0);
system(cmd);
- fd2 = mkostemp_safe(pattern, O_RDWR);
+ fd2 = mkostemp_safe(pattern, O_RDWR|O_CLOEXEC);
assert(fd >= 0);
assert_se(unlink(pattern) == 0);
diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
index 1b4133b5d3..a8d5b65e6d 100644
--- a/src/test/test-unit-file.c
+++ b/src/test/test-unit-file.c
@@ -25,6 +25,7 @@
#include <stddef.h>
#include <string.h>
#include <unistd.h>
+#include <fcntl.h>
#include "install.h"
#include "install-printf.h"
@@ -221,7 +222,9 @@ static void test_load_env_file_1(void) {
int r;
char name[] = "/tmp/test-load-env-file.XXXXXX";
- _cleanup_close_ int fd = mkstemp(name);
+ _cleanup_close_ int fd;
+
+ fd = mkostemp_safe(name, O_RDWR|O_CLOEXEC);
assert(fd >= 0);
assert_se(write(fd, env_file_1, sizeof(env_file_1)) == sizeof(env_file_1));
@@ -242,7 +245,9 @@ static void test_load_env_file_2(void) {
int r;
char name[] = "/tmp/test-load-env-file.XXXXXX";
- _cleanup_close_ int fd = mkstemp(name);
+ _cleanup_close_ int fd;
+
+ fd = mkostemp_safe(name, O_RDWR|O_CLOEXEC);
assert(fd >= 0);
assert_se(write(fd, env_file_2, sizeof(env_file_2)) == sizeof(env_file_2));
@@ -258,7 +263,9 @@ static void test_load_env_file_3(void) {
int r;
char name[] = "/tmp/test-load-env-file.XXXXXX";
- _cleanup_close_ int fd = mkstemp(name);
+ _cleanup_close_ int fd;
+
+ fd = mkostemp_safe(name, O_RDWR|O_CLOEXEC);
assert(fd >= 0);
assert_se(write(fd, env_file_3, sizeof(env_file_3)) == sizeof(env_file_3));
@@ -270,10 +277,11 @@ static void test_load_env_file_3(void) {
static void test_load_env_file_4(void) {
_cleanup_strv_free_ char **data = NULL;
+ char name[] = "/tmp/test-load-env-file.XXXXXX";
+ _cleanup_close_ int fd;
int r;
- char name[] = "/tmp/test-load-env-file.XXXXXX";
- _cleanup_close_ int fd = mkstemp(name);
+ fd = mkostemp_safe(name, O_RDWR|O_CLOEXEC);
assert(fd >= 0);
assert_se(write(fd, env_file_4, sizeof(env_file_4)) == sizeof(env_file_4));
diff --git a/src/test/test-util.c b/src/test/test-util.c
index f819589b52..43bb0249a2 100644
--- a/src/test/test-util.c
+++ b/src/test/test-util.c
@@ -56,9 +56,9 @@ static void test_close_many(void) {
char name1[] = "/tmp/test-close-many.XXXXXX";
char name2[] = "/tmp/test-close-many.XXXXXX";
- fds[0] = mkstemp(name0);
- fds[1] = mkstemp(name1);
- fds[2] = mkstemp(name2);
+ fds[0] = mkostemp_safe(name0, O_RDWR|O_CLOEXEC);
+ fds[1] = mkostemp_safe(name1, O_RDWR|O_CLOEXEC);
+ fds[2] = mkostemp_safe(name2, O_RDWR|O_CLOEXEC);
close_many(fds, 2);
@@ -591,7 +591,7 @@ static void test_writev_safe(void) {
IOVEC_SET_STRING(iov[1], ALPHANUMERICAL "\n");
IOVEC_SET_STRING(iov[2], "");
- fd = mkstemp(name);
+ fd = mkostemp_safe(name, O_RDWR|O_CLOEXEC);
printf("test_writev_safe: %s", name);
r = writev_safe(fd, iov, 3);