[Lldb-commits] [lldb] r219983 - Change a use of mktemp() to mkstemp() for better security.
Jason Molenda
jmolenda at apple.com
Thu Oct 16 16:10:03 PDT 2014
Author: jmolenda
Date: Thu Oct 16 18:10:03 2014
New Revision: 219983
URL: http://llvm.org/viewvc/llvm-project?rev=219983&view=rev
Log:
Change a use of mktemp() to mkstemp() for better security.
We have two more uses of mktemp still in the source base
but they'll take a little more consideration.
clang static analyzer fixit.
Modified:
lldb/trunk/source/Expression/ClangExpressionParser.cpp
Modified: lldb/trunk/source/Expression/ClangExpressionParser.cpp
URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/source/Expression/ClangExpressionParser.cpp?rev=219983&r1=219982&r2=219983&view=diff
==============================================================================
--- lldb/trunk/source/Expression/ClangExpressionParser.cpp (original)
+++ lldb/trunk/source/Expression/ClangExpressionParser.cpp Thu Oct 16 18:10:03 2014
@@ -312,11 +312,11 @@ ClangExpressionParser::Parse (Stream &st
temp_source_path = "/tmp/expr.XXXXXX";
}
- if (mktemp(&temp_source_path[0]))
+ int temp_fd = ::mkstemp(&temp_source_path[0]);
+
+ if (temp_fd != -1)
{
- lldb_private::File file (temp_source_path.c_str(),
- File::eOpenOptionWrite | File::eOpenOptionCanCreateNewOnly,
- lldb::eFilePermissionsFileDefault);
+ lldb_private::File file (temp_fd, true);
const size_t expr_text_len = strlen(expr_text);
size_t bytes_written = expr_text_len;
if (file.Write(expr_text, bytes_written).Success())
More information about the lldb-commits
mailing list