uci/file: replace mktemp() with mkstemp()

mktemp is unsafe to use as well as deprecated by POSIX.1-2008. uClibc-ng
optionally does not include it when SuSv3 legacy functions are disabled.

Signed-off-by: Maxim Gorbachyov <maxim.gorbachyov@gmail.com>
Signed-off-by: Rosen Penev <rosenp@gmail.com>

diff --git a/file.c b/file.c
index 9856369028b0a167db75027b7d12154f54b940a6..7333e48d51f7d7912a221d9e42fb86becf3d9668 100644 (file)
--- a/file.c
+++ b/file.c
@@ -28,6 +28,7 @@
 #include <glob.h>
 #include <string.h>
 #include <stdlib.h>
+#include <errno.h>
 
 #include "uci.h"
 #include "uci_internal.h"
@@ -723,8 +724,8 @@ static void uci_file_commit(struct uci_context *ctx, struct uci_package **packag
        char *name = NULL;
        char *path = NULL;
        char *filename = NULL;
-       struct stat statbuf;
        bool do_rename = false;
+       int fd;
 
        if (!p->path) {
                if (overwrite)
@@ -770,18 +771,20 @@ static void uci_file_commit(struct uci_context *ctx, struct uci_package **packag
                        goto done;
        }
 
-       if (!mktemp(filename))
-               *filename = 0;
+       fd = mkstemp(filename);
+       if (fd == -1)
+               UCI_THROW(ctx, UCI_ERR_IO);
 
-       if (!*filename) {
-               free(filename);
+       if ((flock(fd, LOCK_EX) < 0) && (errno != ENOSYS))
+               UCI_THROW(ctx, UCI_ERR_IO);
+
+       if (lseek(fd, 0, SEEK_SET) < 0)
                UCI_THROW(ctx, UCI_ERR_IO);
-       }
 
-       if ((stat(filename, &statbuf) == 0) && ((statbuf.st_mode & S_IFMT) != S_IFREG))
+       f2 = fdopen(fd, "w+");
+       if (!f2)
                UCI_THROW(ctx, UCI_ERR_IO);
 
-       f2 = uci_open_stream(ctx, filename, p->path, SEEK_SET, true, true);
        uci_export(ctx, f2, p, false);
 
        fflush(f2);