eggdrop icon indicating copy to clipboard operation
eggdrop copied to clipboard

Published 20 hours ago verified publisher icon eggheads

Use mkstemp instead of tmpfile

Open thommey opened this issue 7 years ago • 3 comments

Using tmpfile() can potentially be insecure as per http://cwe.mitre.org/data/definitions/377.html, mkstemp with previously set umask(0600) would be appropriate. Code changes can be small with fdopen() on the resulting file descriptor, or we can adjust the copying functions.

thommey avatar Jan 11 '18 12:01 thommey