Enhanced temp-file security under unix. There are no known attacks against

prior versions - this check-in is just an added precaution. (CVS 3687) FossilOrigin-Name: 5af61402f65bddc4040a20470f267c9404cba631
2025-08-07 02:42:48 +03:00 · 2007-03-15 01:16:47 +00:00
parent 34c68fbab6
commit 3f56e6ebac
4 changed files with 20 additions and 18 deletions
--- a/16
+++ b/16
@@ -1,5 +1,5 @@
-C Modify\sthe\sbehaviour\sof\swritable_schema\sto\signore\sschema\sparsing\serrors.\s(CVS\s3686)
-D 2007-03-14T15:37:04
+C Enhanced\stemp-file\ssecurity\sunder\sunix.\s\sThere\sare\sno\sknown\sattacks\sagainst\nprior\sversions\s-\sthis\scheck-in\sis\sjust\san\sadded\sprecaution.\s(CVS\s3687)
+D 2007-03-15T01:16:48
 F Makefile.in 1fe3d0b46e40fd684e1e61f8e8056cefed16de9f
 F Makefile.linux-gcc 2d8574d1ba75f129aba2019f0b959db380a90935
 F README 9c4e2d6706bdcc3efdd773ce752a8cdab4f90028
@@ -82,11 +82,11 @@ F src/os_os2.c 8ee8207fe218a1acf3a31d59753e165e5c23bb95
 F src/os_os2.h e5f17dd69333632bbc3112881ea407c37d245eb3
 F src/os_test.c 49833426101f99aee4bb5f6a44b7c4b2029fda1c
 F src/os_test.h 903c93554c23d88f34f667f1979e4a1cee792af3
-F src/os_unix.c abdb0f7b8e3f078b8b48d4c0b8c801693046774d
+F src/os_unix.c a3b26ad8270aea899f9d65fd2e6a176b05d2ef8f
 F src/os_unix.h 5768d56d28240d3fe4537fac08cc85e4fb52279e
 F src/os_win.c 8736cf3a49fd651a6538857480f302807d57814c
 F src/os_win.h 41a946bea10f61c158ce8645e7646b29d44f122b
-F src/pager.c 680bf115aa1678a011ce046f2a1ef4cad45576cb
+F src/pager.c 999194d214872e5c04a50700778571cc2238d1c0
 F src/pager.h 8881591ca23d1e5fd83c95fa8317245fbcf64227
 F src/parse.y bcfe366c1fd61cfc40e5344eb69a31997a821af0
 F src/pragma.c b52dcf2fbb46f3266f9d00b88054c684df3af2e7
@@ -436,7 +436,7 @@ F www/tclsqlite.tcl bb0d1357328a42b1993d78573e587c6dcbc964b9
 F www/vdbe.tcl 87a31ace769f20d3627a64fa1fade7fed47b90d0
 F www/version3.tcl 890248cf7b70e60c383b0e84d77d5132b3ead42b
 F www/whentouse.tcl 97e2b5cd296f7d8057e11f44427dea8a4c2db513
-P 3e66ea6f61abc0f95af3bb46ebc0e10b4dcd069b
-R 0b1c631304a4b999548c4f37d3474b4f
-U danielk1977
-Z ecfae2838ed01abd8679701901a6da11
+P a8d6d935fbe32a759a55c1ef90adda7fe534acc1
+R 0a7b2373b4bb02987641c1eeb0b09c82
+U drh
+Z a6809282c4d71a0260c725dbd90ff825
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-a8d6d935fbe32a759a55c1ef90adda7fe534acc1
+5af61402f65bddc4040a20470f267c9404cba631
--- a/src/os_unix.c
+++ b/src/os_unix.c
@@ -864,7 +864,7 @@ int sqlite3UnixOpenExclusive(const char *zFilename, OsFile **pId, int delFlag){
  assert( 0==*pId );
  h = open(zFilename,
                O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW|O_LARGEFILE|O_BINARY,
-                SQLITE_DEFAULT_FILE_PERMISSIONS);
+                delFlag ? 0600 : SQLITE_DEFAULT_FILE_PERMISSIONS);
  if( h<0 ){
    return SQLITE_CANTOPEN;
  }
--- a/src/pager.c
+++ b/src/pager.c
@@ -18,7 +18,7 @@
 ** file simultaneously, or one process from reading the database while
 ** another is writing.
 **
-** @(#) $Id: pager.c,v 1.286 2007/03/06 13:46:00 danielk1977 Exp $
+** @(#) $Id: pager.c,v 1.287 2007/03/15 01:16:48 drh Exp $
 */
 #ifndef SQLITE_OMIT_DISKIO
 #include "sqliteInt.h"
@@ -1569,17 +1569,19 @@ int sqlite3_opentemp_count = 0;
 #endif

 /*
-** Open a temporary file.  Write the name of the file into zFile
-** (zFile must be at least SQLITE_TEMPNAME_SIZE bytes long.)  Write
-** the file descriptor into *fd.  Return SQLITE_OK on success or some
+** Open a temporary file. 
+**
+** Write the file descriptor into *fd.  Return SQLITE_OK on success or some
 ** other error code if we fail.
 **
 ** The OS will automatically delete the temporary file when it is
 ** closed.
 */
-static int sqlite3pager_opentemp(char *zFile, OsFile **pFd){
+static int sqlite3pager_opentemp(OsFile **pFd){
  int cnt = 8;
  int rc;
+  char zFile[SQLITE_TEMPNAME_SIZE];
+
 #ifdef SQLITE_TEST
  sqlite3_opentemp_count++;  /* Used for testing and analysis only */
 #endif
@@ -1662,7 +1664,8 @@ int sqlite3pager_open(
      }
    }
  }else{
-    rc = sqlite3pager_opentemp(zTemp, &fd);
+    rc = sqlite3pager_opentemp(&fd);
+    sqlite3OsTempFileName(zTemp);
    zFilename = zTemp;
    zFullPathname = sqlite3OsFullPathname(zFilename);
    if( rc==SQLITE_OK ){
@@ -3559,7 +3562,6 @@ int *sqlite3pager_stats(Pager *pPager){
 */
 int sqlite3pager_stmt_begin(Pager *pPager){
  int rc;
-  char zTemp[SQLITE_TEMPNAME_SIZE];
  assert( !pPager->stmtInUse );
  assert( pPager->state>=PAGER_SHARED );
  assert( pPager->dbSize>=0 );
@@ -3589,7 +3591,7 @@ int sqlite3pager_stmt_begin(Pager *pPager){
  pPager->stmtHdrOff = 0;
  pPager->stmtCksum = pPager->cksumInit;
  if( !pPager->stmtOpen ){
-    rc = sqlite3pager_opentemp(zTemp, &pPager->stfd);
+    rc = sqlite3pager_opentemp(&pPager->stfd);
    if( rc ) goto stmt_begin_failed;
    pPager->stmtOpen = 1;
    pPager->stmtNRec = 0;