Fix security issue

author Suyeon Hwang <stom.hwang@samsung.com>

Thu, 27 Jul 2017 06:26:17 +0000 (15:26 +0900)

committer Suyeon Hwang <stom.hwang@samsung.com>

Mon, 31 Jul 2017 02:46:20 +0000 (11:46 +0900)
author Suyeon Hwang <stom.hwang@samsung.com>
Thu, 27 Jul 2017 06:26:17 +0000 (15:26 +0900)
committer Suyeon Hwang <stom.hwang@samsung.com>
Mon, 31 Jul 2017 02:46:20 +0000 (11:46 +0900)
diff --git a/server/sttd_recorder.c b/server/sttd_recorder.c

index 52b66ef..88e371a 100644 (file)
--- a/server/sttd_recorder.c
+++ b/server/sttd_recorder.c
@@ -558,11 +558,27 @@ int sttd_recorder_start(int uid)
  #ifdef BUF_SAVE_MODE
         g_count++;
  
-       snprintf(g_temp_file_name, sizeof(g_temp_file_name), "/tmp/stt_temp_%d_%d", getpid(), g_count);
+       while (1) {
+               snprintf(g_temp_file_name, sizeof(g_temp_file_name), "/tmp/stt_temp_%d_%d", getpid(), g_count);
+               ret = access(g_temp_file_name, 0);
+
+               if (0 == ret) {
+                       SLOG(LOG_ERROR, TAG_STTD, "[Recorder ERROR] File is already exist");
+                       if (0 == remove(g_temp_file_name)) {
+                               SLOG(LOG_DEBUG, TAG_STTD, "[Recorder] Remove file");
+                               break;
+                       } else {
+                               g_count++;
+                       }
+               } else {
+                       break;
+               }
+       }
+
         SECURE_SLOG(LOG_DEBUG, TAG_STTD, "[Recorder] Temp file name=[%s]", g_temp_file_name);
  
         /* open test file */
-       g_pFile = fopen(g_temp_file_name, "wb+");
+       g_pFile = fopen(g_temp_file_name, "wb+x");
         if (!g_pFile) {
                 SLOG(LOG_ERROR, TAG_STTD, "[Recorder ERROR] File not found!");
                 return -1;
author	Suyeon Hwang <stom.hwang@samsung.com>
	Thu, 27 Jul 2017 06:26:17 +0000 (15:26 +0900)
committer	Suyeon Hwang <stom.hwang@samsung.com>
	Mon, 31 Jul 2017 02:46:20 +0000 (11:46 +0900)