qcheck: address Coverity 206997 Insecure temporary file

Signed-off-by: Fabian Groffen <grobian@gentoo.org>
author: Fabian Groffen <grobian@gentoo.org> 2020-01-19 12:42:05 +0100
committer: Fabian Groffen <grobian@gentoo.org> 2020-01-19 12:42:05 +0100
commit: 06458fcdfeb3d0b267b18dba043028d6accf3b0d (patch)
tree: b5a50ca6282357d65d16e089e741cdfe15b81e58 /qcheck.c
parent: libq/tree: fix initialisation in tree_open_cat (diff)
download: portage-utils-06458fcdfeb3d0b267b18dba043028d6accf3b0d.tar.gz
portage-utils-06458fcdfeb3d0b267b18dba043028d6accf3b0d.tar.bz2
portage-utils-06458fcdfeb3d0b267b18dba043028d6accf3b0d.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/qcheck.c b/qcheck.c
index 1d8521a..72a68a9 100644
--- a/qcheck.c
+++ b/qcheck.c
@@ -105,7 +105,12 @@ qcheck_cb(tree_pkg_ctx *pkg_ctx, void *priv)
 	/* Open contents_update, if needed */
 	if (state->qc_update) {
 		char tempfile[] = "qcheck-tmp-XXXXXX";
-		int fd = mkstemp(tempfile);
+		mode_t mask;
+		int fd;
+
+		mask = umask(0077);
+		fd = mkstemp(tempfile);
+		umask(mask);
 		if (fd == -1 || (fp_contents_update = fdopen(fd, "w+")) == NULL) {
 			if (fd >= 0)
 				close(fd);
author	Fabian Groffen <grobian@gentoo.org>	2020-01-19 12:42:05 +0100
committer	Fabian Groffen <grobian@gentoo.org>	2020-01-19 12:42:05 +0100
commit	06458fcdfeb3d0b267b18dba043028d6accf3b0d (patch)
tree	b5a50ca6282357d65d16e089e741cdfe15b81e58 /qcheck.c
parent	libq/tree: fix initialisation in tree_open_cat (diff)
download	portage-utils-06458fcdfeb3d0b267b18dba043028d6accf3b0d.tar.gz portage-utils-06458fcdfeb3d0b267b18dba043028d6accf3b0d.tar.bz2 portage-utils-06458fcdfeb3d0b267b18dba043028d6accf3b0d.zip