diff options
| author | Markus Uhlin <markus@nifty-networks.net> | 2025-08-01 20:39:34 +0200 |
|---|---|---|
| committer | Markus Uhlin <markus@nifty-networks.net> | 2025-08-01 20:39:34 +0200 |
| commit | e9b86adf20cebd5b23e404c3dd1779c1074f17c8 (patch) | |
| tree | d58c2e46e001f37fed0ac8da4a7f4d77e047e6a0 | |
| parent | 7db4a1f665a36bc2ffcefc9c57245d9ac147c5fb (diff) | |
UpdateRank: restricted file permissions
| -rw-r--r-- | FICS/ratings.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/FICS/ratings.c b/FICS/ratings.c index 2f82e62..a719be0 100644 --- a/FICS/ratings.c +++ b/FICS/ratings.c @@ -1488,7 +1488,8 @@ UpdateRank(int type, char *addName, statistics *sNew, char *delName) char command[MAX_STRING_LENGTH]; char line[MAX_RANK_LINE] = { '\0' }; char login[MAX_LOGIN_NAME] = { '\0' }; - int comp; + int comp = 0; + int fd = -1; statistics sCur; if (GetRankFileName(RankFile, sizeof RankFile, type) < 0) @@ -1501,9 +1502,17 @@ UpdateRank(int type, char *addName, statistics *sNew, char *delName) snprintf(TmpRankFile, sizeof TmpRankFile, "%s/tmpRank", sdir); - if ((fptemp = fopen(TmpRankFile, "w")) == NULL) { + errno = 0; + fd = open(TmpRankFile, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR); + + if (fd < 0) { + warn("%s: open", __func__); + fclose(fp); + return; + } else if ((fptemp = fdopen(fd, "w")) == NULL) { warn("%s: unable to open rank file for updating", __func__); fclose(fp); + close(fd); return; } |