-
Tobias Stoeckmann authored
When setting wallpapers without --no-fehbg option, a ~/.fehbg file is created. This file is set to be an executable for later re-use. Calling stat() without checking the return value can lead to issues. If the call fails, then s.st_mode is undefined and excessive permissions could be set to .fehbg, at worst even setuid/setgid bits for a world writable file. While adjusting this, I changed the code to use fstat() and fchmod() to avoid a further -- but very unlikely -- issue: race condition in form of TOCTOU. If the file ~/.fehsetbg is replaced by a symlink right before the chmod call, then a different file would be set executable + the default mode of the (newly created) file. I don't expect this to be a real world issue but changed this part "while at it" anyway for more robust code and a good example on how to handle files. Signed-off-by:Tobias Stoeckmann <tobias@stoeckmann.org>
Tobias Stoeckmann authoredWhen setting wallpapers without --no-fehbg option, a ~/.fehbg file is created. This file is set to be an executable for later re-use. Calling stat() without checking the return value can lead to issues. If the call fails, then s.st_mode is undefined and excessive permissions could be set to .fehbg, at worst even setuid/setgid bits for a world writable file. While adjusting this, I changed the code to use fstat() and fchmod() to avoid a further -- but very unlikely -- issue: race condition in form of TOCTOU. If the file ~/.fehsetbg is replaced by a symlink right before the chmod call, then a different file would be set executable + the default mode of the (newly created) file. I don't expect this to be a real world issue but changed this part "while at it" anyway for more robust code and a good example on how to handle files. Signed-off-by:
