waylandsink: mkstemp requires setting permission mask

Using mkstemp without setting the permission mask is potentially harmful.
POSIX specification of mkstemp() does not say anything about file modes, so we
need to make sure its file mode creation mask is set appropriately before
calling it.

diff --git a/ext/wayland/wlshmallocator.c b/ext/wayland/wlshmallocator.c
index 183795c3bd35ef8d23f3854aad964fc98a7052ca..f36811f188d2f8ca6833d0a1d9410d9964b860f7 100644 (file)
--- a/ext/wayland/wlshmallocator.c
+++ b/ext/wayland/wlshmallocator.c
@@ -30,6 +30,7 @@
 #include <unistd.h>
 #include <sys/mman.h>
 #include <sys/types.h>
+#include <sys/stat.h>
 
 GST_DEBUG_CATEGORY_EXTERN (gstwayland_debug);
 #define GST_CAT_DEFAULT gstwayland_debug
@@ -46,6 +47,7 @@ gst_wl_shm_allocator_alloc (GstAllocator * allocator, gsize size,
   int fd;
   gpointer data;
   GstWlShmMemory *mem;
+  mode_t mask;
 
   /* TODO: make use of the allocation params, if necessary */
 
@@ -53,7 +55,9 @@ gst_wl_shm_allocator_alloc (GstAllocator * allocator, gsize size,
   snprintf (filename, 1024, "%s/%s-%d-%s", g_get_user_runtime_dir (),
       "wayland-shm", init++, "XXXXXX");
 
+  mask = umask (S_IRWXO | S_IRWXG);
   fd = mkstemp (filename);
+  umask (mask);
   if (fd < 0) {
     GST_ERROR_OBJECT (self, "opening temp file %s failed: %s", filename,
         strerror (errno));