dzwdz
/
catboy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Open save file with "a+" 

Avoids another small TOCTOU. Rewind before loading since "a+" sets
the file position at the end. Remove unnecessary fseek after
truncation, since "a+" always writes at the end of the file.
master
C. McEnroe 2021-06-11 21:02:40 -04:00
parent 772c9789b7
commit c6009cf13c
1 changed files with 3 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ui.c
View File

@ -1133,7 +1133,6 @@ static FILE *saveFile;
int uiSave(void) { int uiSave(void) {
int error = 0 int error = 0
|| ftruncate(fileno(saveFile), 0) || ftruncate(fileno(saveFile), 0)
|| fseek(saveFile, 0, SEEK_SET)
|| writeTime(saveFile, Signatures[7]) || writeTime(saveFile, Signatures[7])
|| writeTime(saveFile, self.pos); || writeTime(saveFile, self.pos);
if (error) return error; if (error) return error;
@ -1180,13 +1179,9 @@ static ssize_t readString(FILE *file, char **buf, size_t *cap) {
} }
void uiLoad(const char *name) { void uiLoad(const char *name) {
saveFile = dataOpen(name, "r+"); saveFile = dataOpen(name, "a+");
if (!saveFile) { if (!saveFile) exit(EX_CANTCREAT);
if (errno != ENOENT) exit(EX_NOINPUT); rewind(saveFile);
saveFile = dataOpen(name, "w");
if (!saveFile) exit(EX_CANTCREAT);
return;
}
time_t signature; time_t signature;
fread(&signature, sizeof(signature), 1, saveFile); fread(&signature, sizeof(signature), 1, saveFile);