
Found by a scan done on the Red Hat libvirt-cim code, but still valid for the upstream code.
Error: SECURE_TEMP (CWE-377): [#def23]
libvirt-cim-0.6.1/src/Virt_VSMigrationService.c:504: cond_true: Condition "__retval != NULL", taking true branch
libvirt-cim-0.6.1/src/Virt_VSMigrationService.c:507: cond_false: Condition "filename == NULL", taking false branch
libvirt-cim-0.6.1/src/Virt_VSMigrationService.c:510: if_end: End of if statement
libvirt-cim-0.6.1/src/Virt_VSMigrationService.c:512: secure_temp: Calling "mkstemp(char *)" without securely setting umask first.
Resolve by adding umask code
---
 src/Virt_VSMigrationService.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/Virt_VSMigrationService.c b/src/Virt_VSMigrationService.c
index f48d56b..78f9e05 100644
--- a/src/Virt_VSMigrationService.c
+++ b/src/Virt_VSMigrationService.c
@@ -569,6 +569,7 @@ static char *write_params(CMPIArray *array)
 {
 int i;
 int fd;
+ mode_t cur_umask = umask(S_IRWXO|S_IRWXG);
 char *filename = strdup("/tmp/libvirtcim_mig.XXXXXX");
 FILE *file = NULL;
@@ -578,6 +579,7 @@ static char *write_params(CMPIArray *array)
 }
 fd = mkstemp(filename);
+ umask(cur_umask);
 if (fd < 0) {
 CU_DEBUG("Unable to get temporary file: %s", strerror(errno));
 free(filename);
--
1.8.1.4
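Review bot: The umask is tightened at the top of write_params in the first hunk but only restored after mkstemp in the second, so any return between the two — the scan output in the description shows a `filename == NULL` check at line 507 ahead of the mkstemp call — leaves the whole process running with the narrowed mask for the rest of its lifetime; the lines between the hunks are not shown, so whether that check returns early is inferred. Moving the save to just before the call closes that window: declare `mode_t cur_umask;` in the first hunk and in the second write `cur_umask = umask(S_IRWXO|S_IRWXG);` immediately above `fd = mkstemp(filename);`, keeping the restore where it is. umask() is process-wide rather than per-thread, so if this provider is multithreaded any other thread creating a file in that window inherits the mask; an alternative that touches no process state is to rely on mkstemp creating the file 0600 (required by POSIX.1-2008) or to call `fchmod(fd, S_IRUSR|S_IWUSR)` after the fd check. write_params begins and continues outside both hunks.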