ecore buffer module - use vpath for xdg runtime for setuid safety

this should make ecore buffer module safe to use in setuid processes

diff --git a/src/modules/ecore_buffer/shm/ecore_buffer_shm.c b/src/modules/ecore_buffer/shm/ecore_buffer_shm.c
index 6440071..be270a9 100644 (file)
--- a/src/modules/ecore_buffer/shm/ecore_buffer_shm.c
+++ b/src/modules/ecore_buffer/shm/ecore_buffer_shm.c
@@ -11,7 +11,8 @@
 #include <string.h>
 
 #include <Eina.h>
-#include <Ecore.h>
+#include "Ecore.h"
+#include "ecore_private.h"
 #include <Ecore_Buffer.h>
 
 #ifndef O_BINARY
@@ -53,16 +54,10 @@ _ecore_buffer_shm_buffer_alloc(Ecore_Buffer_Module_Data bmdata, int width, int h
 {
    Ecore_Buffer_Shm_Data* b;
    char *name;
-   static const char tmp[] = "/ecore-buffer-shared-XXXXXX";
+   static const char tmp[] = "ecore-buffer-shared-XXXXXX";
    const char *path;
    int fd, size, page_size;
-
-   path = getenv("XDG_RUNTIME_DIR");
-   if (!path)
-     {
-        path = getenv("TMPDIR");
-        if (!path) path = "/tmp";
-     }
+   Efl_Vpath_File *file_obj;
 
    page_size = eina_cpu_page_size();
 
@@ -75,11 +70,16 @@ _ecore_buffer_shm_buffer_alloc(Ecore_Buffer_Module_Data bmdata, int width, int h
    b->size = page_size * (((b->stride * b->h) + (page_size - 1)) / page_size);
    b->am_owner = EINA_TRUE;
 
+   file_obj = efl_vpath_manager_fetch(EFL_VPATH_MANAGER_CLASS, "(:run:)/");
+   efl_vpath_file_do(file_obj);
+   efl_vpath_file_wait(file_obj);
+   path = efl_vpath_file_result_get(file_obj);
    size = strlen(path) + sizeof(tmp);
    name = malloc(size);
    if (!name) goto err;
    strcpy(name, path);
    strcat(name, tmp);
+   efl_del(file_obj);
 
    fd = mkostemp(name, O_CLOEXEC);
    if (fd < 0) goto err_fd;