From 44b94875b597458e69b06878cc468a7c3c94f41b Mon Sep 17 00:00:00 2001 From: "Roger A. Light" Date: Thu, 8 Jun 2023 22:45:31 +0100 Subject: [PATCH] mosquitto_passwd uses mkstemp() for backup files. --- ChangeLog.txt | 3 +++ apps/mosquitto_passwd/mosquitto_passwd.c | 18 +++++++++++++++--- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/ChangeLog.txt b/ChangeLog.txt index e382b41c4..2c4e71645 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -29,6 +29,9 @@ Clients: - Fix incorrect topic-alias property value in mosquitto_sub json output. - Fix confusing message on TLS certificate verification. Closes #2746. +Apps: +- mosquitto_passwd uses mkstemp() for backup files. + 2.0.15 - 2022-08-16 =================== diff --git a/apps/mosquitto_passwd/mosquitto_passwd.c b/apps/mosquitto_passwd/mosquitto_passwd.c index 0a5ba722c..262f89cf6 100644 --- a/apps/mosquitto_passwd/mosquitto_passwd.c +++ b/apps/mosquitto_passwd/mosquitto_passwd.c @@ -370,15 +370,27 @@ static int copy_contents(FILE *src, FILE *dest) return 0; } -static int create_backup(const char *backup_file, FILE *fptr) +static int create_backup(char *backup_file, FILE *fptr) { FILE *fbackup; +#ifdef WIN32 fbackup = mosquitto__fopen(backup_file, "wt", true); +#else + int fd; + umask(077); + fd = mkstemp(backup_file); + if(fd < 0){ + fprintf(stderr, "Error creating backup password file \"%s\", not continuing.\n", backup_file); + return 1; + } + fbackup = fdopen(fd, "wt"); +#endif if(!fbackup){ fprintf(stderr, "Error creating backup password file \"%s\", not continuing.\n", backup_file); return 1; } + if(copy_contents(fptr, fbackup)){ fprintf(stderr, "Error copying data to backup password file \"%s\", not continuing.\n", backup_file); fclose(fbackup); @@ -617,13 +629,13 @@ int main(int argc, char *argv[]) return 1; } - backup_file = malloc((size_t)strlen(password_file)+5); + backup_file = malloc((size_t)strlen(password_file)+strlen(".backup.XXXXXX")); if(!backup_file){ fprintf(stderr, "Error: Out of memory.\n"); free(password_file); return 1; } - snprintf(backup_file, strlen(password_file)+5, "%s.tmp", password_file); + snprintf(backup_file, strlen(password_file)+5, "%s.backup.XXXXXX", password_file); free(password_file); password_file = NULL;