ruby-changes:50216
From: nobu <ko1@a...>
Date: Sat, 10 Feb 2018 00:21:23 +0900 (JST)
Subject: [ruby-changes:50216] nobu:r62334 (trunk): mjit.c: exclusively create
nobu 2018-02-10 00:21:18 +0900 (Sat, 10 Feb 2018) New Revision: 62334 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=62334 Log: mjit.c: exclusively create * mjit.c (convert_unit_to_func): create new file exclusively. overwriting existing file could cause security issues. Modified files: trunk/mjit.c Index: mjit.c =================================================================== --- mjit.c (revision 62333) +++ mjit.c (revision 62334) @@ -747,6 +747,7 @@ convert_unit_to_func(struct rb_mjit_unit https://github.com/ruby/ruby/blob/trunk/mjit.c#L747 { char c_file_buff[70], *c_file = c_file_buff, *so_file, funcname[35]; int success; + int fd; FILE *f; void *func; double start_time, end_time; @@ -766,9 +767,11 @@ convert_unit_to_func(struct rb_mjit_unit https://github.com/ruby/ruby/blob/trunk/mjit.c#L767 memcpy(&so_file[c_file_len - sizeof(c_ext)], so_ext, sizeof(so_ext)); sprintf(funcname, "_mjit%d", unit->id); - f = fopen(c_file, "w"); - if (f == NULL) { - verbose(1, "Failed to fopen '%s', giving up JIT for it (%s)", c_file, strerror(errno)); + fd = rb_cloexec_open(c_file, O_WRONLY|O_EXCL|O_CREAT, 0600); + if (fd < 0 || (f = fdopen(fd, "w")) == NULL) { + int e = errno; + if (fd >= 0) (void)close(fd); + verbose(1, "Failed to fopen '%s', giving up JIT for it (%s)", c_file, strerror(e)); return (mjit_func_t)NOT_COMPILABLE_JIT_ISEQ_FUNC; } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/