upstream/311296-rand-mktemp.patch: more random file creation in /tmp, see CVE CAN...

[software/mutt-debian.git] / bcache.c

diff --git a/bcache.c b/bcache.c
index ac07849253d90224cb097729db791786347a159d..81538d22ab9fef4f8a3e83ece058431a3042da3d 100644 (file)
--- a/bcache.c
+++ b/bcache.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006 Brendan Cully <brendan@kublai.com>
+ * Copyright (C) 2006-7 Brendan Cully <brendan@kublai.com>
  * Copyright (C) 2006 Rocco Rutte <pdmef@gmx.net>
  *
  *     This program is free software; you can redistribute it and/or modify
@@ -43,7 +43,7 @@ static int bcache_path(ACCOUNT *account, const char *mailbox,
 {
   char host[STRING];
   ciss_url_t url;
-  size_t len;
+  int len;
 
   if (!account || !MessageCachedir || !*MessageCachedir || !dst || !dstlen)
     return -1;
@@ -136,6 +136,13 @@ FILE* mutt_bcache_put(body_cache_t *bcache, const char *id, int tmp)
   snprintf (path, sizeof (path), "%s%s%s", bcache->path, id,
             tmp ? ".tmp" : "");
 
+  if ((fp = safe_fopen (path, "w+")))
+    goto out;
+
+  if (errno == EEXIST)
+    /* clean up leftover tmp file */
+    mutt_unlink (path);
+
   s = strchr (path + 1, '/');
   while (!(fp = safe_fopen (path, "w+")) && errno == ENOENT && s)
   {
@@ -147,6 +154,7 @@ FILE* mutt_bcache_put(body_cache_t *bcache, const char *id, int tmp)
     s = strchr (s + 1, '/');
   }
 
+  out:
   dprint (3, (debugfile, "bcache: put: '%s'\n", path));
 
   return fp;