From 446b4207cc7a30d8a4d5b2445a5a1b27d440f55d Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Fri, 18 Feb 2011 17:04:56 -0500
Subject: major improvements to temp file name generator

use current time in nanoseconds and some potentially-random (if aslr
is enabled) pointer values for the initial tempfile name generation,
and step via a cheap linear prng on collisions. limit the number of
retry attempts to prevent denial of service attacks even if an
attacker can guess the filenames.
---
 src/temp/mkdtemp.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/temp/mkdtemp.c')

diff --git a/src/temp/mkdtemp.c b/src/temp/mkdtemp.c
index 162d98b0..f2ecc510 100644
--- a/src/temp/mkdtemp.c
+++ b/src/temp/mkdtemp.c
@@ -12,7 +12,8 @@ char *__mktemp(char *);
 
 char *mkdtemp(char *template)
 {
-	for (;;) {
+	int retries = 100;
+	while (retries--) {
 		if (!__mktemp(template)) return 0;
 		if (!mkdir(template, 0700)) return template;
 		if (errno != EEXIST) return 0;
@@ -20,4 +21,5 @@ char *mkdtemp(char *template)
 		 * that we have a valid template string */
 		strcpy(template+strlen(template)-6, "XXXXXX");
 	}
+	return 0;
 }
-- 
cgit v1.2.1