From 1f01109254039f392c559ddc74349b51ec76d4a9 Mon Sep 17 00:00:00 2001 From: Chris Lattner Date: Mon, 12 Jul 2010 00:09:55 +0000 Subject: [PATCH] =?UTF-8?q?improve=20Path::makeUnique=20when=20mkstemp/mkt?= =?UTF-8?q?emp=20are=20not=20available=20patch=20by=20Lasse=20K=C3=A4rkk?= =?UTF-8?q?=C3=A4inen=20in=20PR7404.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@108110 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/System/Unix/Path.inc | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/lib/System/Unix/Path.inc b/lib/System/Unix/Path.inc index 185f7fd66bf..bc104a32a3a 100644 --- a/lib/System/Unix/Path.inc +++ b/lib/System/Unix/Path.inc @@ -888,14 +888,19 @@ Path::makeUnique(bool reuse_current, std::string* ErrMsg) { #else // Okay, looks like we have to do it all by our lonesome. static unsigned FCounter = 0; - unsigned offset = path.size() + 1; - while ( FCounter < 999999 && exists()) { - sprintf(FNBuffer+offset,"%06u",++FCounter); + // Try to initialize with unique value. + if (FCounter == 0) FCounter = ((unsigned)getpid() & 0xFFFF) << 8; + char* pos = strstr(FNBuffer, "XXXXXX"); + do { + if (++FCounter > 0xFFFFFF) { + return MakeErrMsg(ErrMsg, + path + ": can't make unique filename: too many files"); + } + sprintf(pos, "%06X", FCounter); path = FNBuffer; - } - if (FCounter > 999999) - return MakeErrMsg(ErrMsg, - path + ": can't make unique filename: too many files"); + } while (exists()); + // POSSIBLE SECURITY BUG: An attacker can easily guess the name and exploit + // LLVM. #endif return false; }