From 6cf64c20542022569d468403b951065eea99b20b Mon Sep 17 00:00:00 2001
From: Duncaen <mail@duncano.de>
Date: Tue, 12 Dec 2017 16:42:11 +0100
Subject: [PATCH] persist_timestamp: create timestamp file with O_NOFOLLOW and
 don't leak the name

---
 persist_timestamp.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/persist_timestamp.c b/persist_timestamp.c
index c30b8f3..81ea273 100644
--- a/persist_timestamp.c
+++ b/persist_timestamp.c
@@ -262,11 +262,12 @@ persist_open(int *valid, int secs)
 
 	if ((fd = openat(dirfd, name, (O_RDWR), (S_IRUSR|S_IWUSR))) == -1)
 		if (errno != ENOENT)
-			err(1, "open: %s", name);
+			err(1, "open timestamp file");
 
 	if (fd == -1) {
-		if ((fd = openat(dirfd, name, (O_RDWR|O_CREAT|O_EXCL), (S_IRUSR|S_IWUSR))) == -1)
-			err(1, "open: %s", name);
+		if ((fd = openat(dirfd, name, (O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW),
+		    (S_IRUSR|S_IWUSR))) == -1)
+			err(1, "open timestamp file");
 	}
 
 	size_t tssize;
-- 
2.39.2