Avoid race condition.

[oweals/openssl.git] / crypto / rand / randfile.c

diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 02f16aa810329d28ee698dc51a05130f37645c9a..c2ae28c3a2a48a9afc0a34dec74680e28484972a 100644 (file)
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -73,7 +73,7 @@
 # include <sys/stat.h>
 #endif
 
-#include <openssl/e_os.h>
+#include "openssl/e_os.h"
 #include <openssl/crypto.h>
 #include <openssl/rand.h>
 
@@ -194,12 +194,13 @@ err:
        return (rand_err ? -1 : ret);
        }
 
-const char *RAND_file_name(char *buf, int size)
+const char *RAND_file_name(char *buf, size_t size)
        {
-       char *s;
+       char *s=NULL;
        char *ret=NULL;
 
-       s=getenv("RANDFILE");
+       if (OPENSSL_issetugid() == 0)
+               s=getenv("RANDFILE");
        if (s != NULL)
                {
                strncpy(buf,s,size-1);
@@ -208,16 +209,25 @@ const char *RAND_file_name(char *buf, int size)
                }
        else
                {
-               s=getenv("HOME");
-               if (s == NULL) return(RFILE);
-               if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
-                       return(RFILE);
-               strcpy(buf,s);
+               if (OPENSSL_issetugid() == 0)
+                       s=getenv("HOME");
+#ifdef DEFAULT_HOME
+               if (s == NULL)
+                       {
+                       s = DEFAULT_HOME;
+                       }
+#endif
+               if (s != NULL && (strlen(s)+strlen(RFILE)+2 < size))
+                       {
+                       strcpy(buf,s);
 #ifndef VMS
-               strcat(buf,"/");
+                       strcat(buf,"/");
 #endif
-               strcat(buf,RFILE);
-               ret=buf;
+                       strcat(buf,RFILE);
+                       ret=buf;
+                       }
+               else
+                       buf[0] = '\0'; /* no file name */
                }
        return(ret);
        }