Am 15.07.22 um 05:58 schrieb René Scharfe:
> The implementation of mkstemp() for MinGW uses mktemp() and open()
> without the flag O_EXCL, which is racy. It's not a security problem
> for now because all of its callers only create files within the
> repository (incl. worktrees). Replace it with a call to our more
> secure internal function, git_mkstemp_mode(), to prevent possible
> future issues.
>
> Signed-off-by: René Scharfe <l.s.r@xxxxxx>
> ---
> compat/mingw.c | 5 +----
> 1 file changed, 1 insertion(+), 4 deletions(-)
>
> diff --git a/compat/mingw.c b/compat/mingw.c
> index 2607de93af..b5502997e2 100644
> --- a/compat/mingw.c
> +++ b/compat/mingw.c
> @@ -1059,10 +1059,7 @@ char *mingw_mktemp(char *template)
>
> int mkstemp(char *template)
> {
> - char *filename = mktemp(template);
> - if (!filename)
> - return -1;
> - return open(filename, O_RDWR | O_CREAT, 0600);
> + return git_mkstemp_mode(template, 0600);
> }
>
> int gettimeofday(struct timeval *tv, void *tz)
I hate such an obvious layering violation. But we have already a ton of
them elsewhere (calling xmalloc from compat/, for example), so this is
just a rant, not an objection.
-- Hannes
