VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/libzip/mkstemp.c
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2018-03-18 23:13:40 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2018-03-18 23:13:40 +0100
commitcd7a01c34fc4304ef8161ee617568f274ace5d24 (patch)
tree41ed56e75a5feedc5f7d4fedb6338569d54d6076 /src/Common/libzip/mkstemp.c
parent49a8e52139b960afd3913053380190cf2d03ceda (diff)
downloadVeraCrypt-cd7a01c34fc4304ef8161ee617568f274ace5d24.tar.gz
VeraCrypt-cd7a01c34fc4304ef8161ee617568f274ace5d24.zip
Windows: Update libzip to version 1.5.0 that include fixes for some security issues.
Diffstat (limited to 'src/Common/libzip/mkstemp.c')
-rw-r--r--src/Common/libzip/mkstemp.c185
1 files changed, 94 insertions, 91 deletions
diff --git a/src/Common/libzip/mkstemp.c b/src/Common/libzip/mkstemp.c
index 2ccd3a48..01a531fc 100644
--- a/src/Common/libzip/mkstemp.c
+++ b/src/Common/libzip/mkstemp.c
@@ -31,8 +31,8 @@
* SUCH DAMAGE.
*/
-#include <sys/types.h>
#include <sys/stat.h>
+#include <sys/types.h>
#include <assert.h>
#include <ctype.h>
@@ -40,6 +40,9 @@
#include <fcntl.h>
#ifdef _WIN32
#include <io.h>
+#include <process.h>
+#else
+#include <unistd.h>
#endif
#include <stdio.h>
#include <stdlib.h>
@@ -50,101 +53,101 @@
int
-_zip_mkstemp(char *path)
-{
+_zip_mkstemp(char *path) {
#ifdef _WIN32
- int ret;
- ret = _creat(_mktemp(path), _S_IREAD|_S_IWRITE);
- if (ret == -1) {
- return 0;
- } else {
- return ret;
- }
+ int ret;
+ ret = _creat(_mktemp(path), _S_IREAD | _S_IWRITE);
+ if (ret == -1) {
+ return 0;
+ }
+ else {
+ return ret;
+ }
#else
- int fd;
- char *start, *trv;
- struct stat sbuf;
- pid_t pid;
-
- /* To guarantee multiple calls generate unique names even if
- the file is not created. 676 different possibilities with 7
- or more X's, 26 with 6 or less. */
- static char xtra[2] = "aa";
- int xcnt = 0;
-
- pid = getpid();
-
- /* Move to end of path and count trailing X's. */
- for (trv = path; *trv; ++trv)
- if (*trv == 'X')
- xcnt++;
- else
- xcnt = 0;
-
- /* Use at least one from xtra. Use 2 if more than 6 X's. */
- if (*(trv - 1) == 'X')
- *--trv = xtra[0];
- if (xcnt > 6 && *(trv - 1) == 'X')
- *--trv = xtra[1];
-
- /* Set remaining X's to pid digits with 0's to the left. */
- while (*--trv == 'X') {
- *trv = (pid % 10) + '0';
- pid /= 10;
+ int fd;
+ char *start, *trv;
+ struct stat sbuf;
+ pid_t pid;
+
+ /* To guarantee multiple calls generate unique names even if
+ the file is not created. 676 different possibilities with 7
+ or more X's, 26 with 6 or less. */
+ static char xtra[2] = "aa";
+ int xcnt = 0;
+
+ pid = getpid();
+
+ /* Move to end of path and count trailing X's. */
+ for (trv = path; *trv; ++trv)
+ if (*trv == 'X')
+ xcnt++;
+ else
+ xcnt = 0;
+
+ /* Use at least one from xtra. Use 2 if more than 6 X's. */
+ if (*(trv - 1) == 'X')
+ *--trv = xtra[0];
+ if (xcnt > 6 && *(trv - 1) == 'X')
+ *--trv = xtra[1];
+
+ /* Set remaining X's to pid digits with 0's to the left. */
+ while (*--trv == 'X') {
+ *trv = (pid % 10) + '0';
+ pid /= 10;
+ }
+
+ /* update xtra for next call. */
+ if (xtra[0] != 'z')
+ xtra[0]++;
+ else {
+ xtra[0] = 'a';
+ if (xtra[1] != 'z')
+ xtra[1]++;
+ else
+ xtra[1] = 'a';
+ }
+
+ /*
+ * check the target directory; if you have six X's and it
+ * doesn't exist this runs for a *very* long time.
+ */
+ for (start = trv + 1;; --trv) {
+ if (trv <= path)
+ break;
+ if (*trv == '/') {
+ *trv = '\0';
+ if (stat(path, &sbuf))
+ return (0);
+ if (!S_ISDIR(sbuf.st_mode)) {
+ errno = ENOTDIR;
+ return (0);
+ }
+ *trv = '/';
+ break;
}
-
- /* update xtra for next call. */
- if (xtra[0] != 'z')
- xtra[0]++;
- else {
- xtra[0] = 'a';
- if (xtra[1] != 'z')
- xtra[1]++;
+ }
+
+ for (;;) {
+ if ((fd = open(path, O_CREAT | O_EXCL | O_RDWR | O_BINARY, 0600)) >= 0)
+ return (fd);
+ if (errno != EEXIST)
+ return (0);
+
+ /* tricky little algorithm for backward compatibility */
+ for (trv = start;;) {
+ if (!*trv)
+ return (0);
+ if (*trv == 'z')
+ *trv++ = 'a';
+ else {
+ if (isdigit((unsigned char)*trv))
+ *trv = 'a';
else
- xtra[1] = 'a';
- }
-
- /*
- * check the target directory; if you have six X's and it
- * doesn't exist this runs for a *very* long time.
- */
- for (start = trv + 1;; --trv) {
- if (trv <= path)
- break;
- if (*trv == '/') {
- *trv = '\0';
- if (stat(path, &sbuf))
- return (0);
- if (!S_ISDIR(sbuf.st_mode)) {
- errno = ENOTDIR;
- return (0);
- }
- *trv = '/';
- break;
- }
- }
-
- for (;;) {
- if ((fd=open(path, O_CREAT|O_EXCL|O_RDWR|O_BINARY, 0600)) >= 0)
- return (fd);
- if (errno != EEXIST)
- return (0);
-
- /* tricky little algorithm for backward compatibility */
- for (trv = start;;) {
- if (!*trv)
- return (0);
- if (*trv == 'z')
- *trv++ = 'a';
- else {
- if (isdigit((unsigned char)*trv))
- *trv = 'a';
- else
- ++*trv;
- break;
- }
- }
+ ++*trv;
+ break;
+ }
}
+ }
/*NOTREACHED*/
#endif
}