From: sfan5 <sfan5@live.de>
Date: Tue, 7 Nov 2017 10:47:28 +0000 (+0100)
Subject: Make use of safe file writing in auth handler (fixes #6576)
X-Git-Tag: 0.4.17~57
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=0fe3e7574de0b82b080932e446caed1f2cb3b85c;p=oweals%2Fminetest.git

Make use of safe file writing in auth handler (fixes #6576)
---

diff --git a/builtin/game/auth.lua b/builtin/game/auth.lua
index 8cb4ebf57..74eb6ae88 100644
--- a/builtin/game/auth.lua
+++ b/builtin/game/auth.lua
@@ -67,16 +67,15 @@ local function save_auth_file()
 		assert(type(stuff.privileges) == "table")
 		assert(stuff.last_login == nil or type(stuff.last_login) == "number")
 	end
-	local file, errmsg = io.open(core.auth_file_path, 'w+b')
-	if not file then
-		error(core.auth_file_path.." could not be opened for writing: "..errmsg)
-	end
+	local content = ""
 	for name, stuff in pairs(core.auth_table) do
 		local priv_string = core.privs_to_string(stuff.privileges)
 		local parts = {name, stuff.password, priv_string, stuff.last_login or ""}
-		file:write(table.concat(parts, ":").."\n")
+		content = content .. table.concat(parts, ":") .. "\n"
+	end
+	if not core.safe_file_write(core.auth_file_path, content) then
+		error(core.auth_file_path.." could not be written to")
 	end
-	io.close(file)
 end
 
 read_auth_file()