From: Duncaen <mail@duncano.de>
Date: Tue, 12 Dec 2017 15:42:11 +0000 (+0100)
Subject: persist_timestamp: create timestamp file with O_NOFOLLOW and don't leak the name
X-Git-Tag: v6.6~47
X-Git-Url: https://git.armaanb.net/?p=opendoas.git;a=commitdiff_plain;h=6cf64c20542022569d468403b951065eea99b20b

persist_timestamp: create timestamp file with O_NOFOLLOW and don't leak the name
---

diff --git a/persist_timestamp.c b/persist_timestamp.c
index c30b8f3..81ea273 100644
--- a/persist_timestamp.c
+++ b/persist_timestamp.c
@@ -262,11 +262,12 @@ persist_open(int *valid, int secs)
 
 	if ((fd = openat(dirfd, name, (O_RDWR), (S_IRUSR|S_IWUSR))) == -1)
 		if (errno != ENOENT)
-			err(1, "open: %s", name);
+			err(1, "open timestamp file");
 
 	if (fd == -1) {
-		if ((fd = openat(dirfd, name, (O_RDWR|O_CREAT|O_EXCL), (S_IRUSR|S_IWUSR))) == -1)
-			err(1, "open: %s", name);
+		if ((fd = openat(dirfd, name, (O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW),
+		    (S_IRUSR|S_IWUSR))) == -1)
+			err(1, "open timestamp file");
 	}
 
 	size_t tssize;