[PATCH][cifs-utils] avoid using mktemp when updating mtab

Steve French <smfrench@xxxxxxxxx> · Mon, 20 Jan 2025 18:49:17 -0600

Attached patch to  Fix build warning: cifs-utils/mount.cifs.c:1726:
    warning: the use of `mktemp' is dangerous, better use `mkstemp' or `mkdtemp'

Use of mktemp() has been deprecated (e.g. due to security issues with
symlink races), and instead mkstemp is often recommended.  Change
the use of mktemp to mkstemp in del_mtab in cifs-utils

Fixes: f46dd7661cfb ("mount.cifs: Properly update mtab during remount")

Opinions? Better way to address it?

-- 
Thanks,

Steve
From f85c0c63adb4422b300770bfc2d844742e0fccd7 Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@xxxxxxxxxxxxx>
Date: Mon, 20 Jan 2025 18:34:38 -0600
Subject: [PATCH] cifs-utils: avoid using mktemp when updating mtab

Fix build warning: cifs-utils/mount.cifs.c:1726:
    warning: the use of `mktemp' is dangerous, better use `mkstemp' or `mkdtemp'

Use of mktemp() has been deprecated (e.g. due to security issues with
symlink races), and instead mkstemp is often recommended.  Change
the use of mktemp to mkstemp in del_mtab in cifs-utils

Fixes: f46dd7661cfb ("mount.cifs: Properly update mtab during remount")
Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx>
---
 mount.cifs.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/mount.cifs.c b/mount.cifs.c
index e46693e..7605130 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -41,6 +41,7 @@
 #include <mntent.h>
 #include <fcntl.h>
 #include <limits.h>
+#include <stdbool.h>
 #include <paths.h>
 #include <libgen.h>
 #include <time.h>
@@ -1688,7 +1689,7 @@ add_mtab_exit:
 static int
 del_mtab(char *mountpoint)
 {
-	int len, tmprc, rc = 0;
+	int len, tmprc, rc = 0, tmpfd;
 	FILE *mnttmp, *mntmtab;
 	struct mntent *mountent;
 	char *mtabfile, *mtabdir, *mtabtmpfile = NULL;
@@ -1723,8 +1724,9 @@ del_mtab(char *mountpoint)
 		goto del_mtab_exit;
 	}
 
-	mtabtmpfile = mktemp(mtabtmpfile);
-	if (!mtabtmpfile) {
+	// Use mkstemp instead of mktemp
+	tmpfd = mkstemp(mtabtmpfile);
+	if (tmpfd == -1) {
 		fprintf(stderr, "del_mtab: cannot setup tmp file destination\n");
 		rc = EX_FILEIO;
 		goto del_mtab_exit;
@@ -1734,13 +1736,15 @@ del_mtab(char *mountpoint)
 	if (!mntmtab) {
 		fprintf(stderr, "del_mtab: could not update mount table\n");
 		rc = EX_FILEIO;
+		close(tmpfd);
 		goto del_mtab_exit;
 	}
 
-	mnttmp = setmntent(mtabtmpfile, "w");
+	mnttmp = fdopen(tmpfd, "w");
 	if (!mnttmp) {
 		fprintf(stderr, "del_mtab: could not update mount table\n");
 		endmntent(mntmtab);
+		close(tmpfd);
 		rc = EX_FILEIO;
 		goto del_mtab_exit;
 	}
-- 
2.43.0





