commit - 27b4c54558044e35c1079a65395effc786552eea
commit + 511cc44cfffe3c2b5528f341c82427561f903cd0
blob - 1373630debd4af1d840cc9ff3ac09784e5976ff9
blob + 2f8055f7fbd3bca82f3bd400cae58be14179ec0a
--- FICS/playerdb.c
+++ FICS/playerdb.c
Markus Uhlin 25/04/02 add_to_list: added an upper
limit for the list size.
Markus Uhlin 25/04/06 Fixed Clang Tidy warnings.
+ Markus Uhlin 25/07/28 Restricted file permissions upon
+ creation.
*/
#include "stdinclude.h"
#include <err.h>
#include <errno.h>
+#include <fcntl.h>
+#include <inttypes.h>
#include <stdint.h>
#include "command.h"
FILE *fp;
char fname[MAX_FILENAME_SIZE];
char fname2[MAX_FILENAME_SIZE];
+ int fd;
if (!parray[p].registered) // Player must not be registered
return -1;
parray[p].login[0], parray[p].login);
xrename(__func__, fname, fname2);
- if ((fp = fopen(fname2, "a")) != NULL) { // Touch the file
+ errno = 0;
+ fd = open(fname2, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR);
+
+ if (fd < 0) {
+ warn("%s: open", __func__);
+ return -1;
+ } else if ((fp = fdopen(fd, "a")) != NULL) { // Touch the file
fprintf(fp, "\n");
fclose(fp);
+ } else {
+ close(fd);
}
return 0;
{
FILE *fp;
char fname[MAX_FILENAME_SIZE];
+ int fd;
if (!player_num_ok_chk(p)) {
warnx("%s: invalid player number %d", __func__, p);
snprintf(fname, sizeof fname, "%s/%c/%s", player_dir,
parray[p].login[0], parray[p].login);
- if ((fp = fopen(fname, "w")) == NULL) {
+ errno = 0;
+ fd = open(fname, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR);
+
+ if (fd < 0) {
warn("%s: Problem opening file %s for write", __func__, fname);
return -1;
+ } else if ((fp = fdopen(fd, "w")) == NULL) {
+ warn("%s: Problem opening file %s for write", __func__, fname);
+ close(fd);
+ return -1;
}
WritePlayerFile(fp, p);