Prevent race condition by using already opened file descriptors.

Properly presume owner/mode of gzip file.

with input by and ok deraadt

3 files changed, 9 insertions, 8 deletions

diff --git a/usr.bin/gzsig/sign.c b/usr.bin/gzsig/sign.c
index 1a9673649dd..3b1040fc9e4 100644
--- a/usr.bin/gzsig/sign.c
+++ b/usr.bin/gzsig/sign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sign.c,v 1.11 2013/03/09 22:36:44 jmc Exp $ */
+/* $OpenBSD: sign.c,v 1.12 2013/03/10 10:34:33 tobias Exp $ */
 
 /*
  * sign.c
@@ -285,7 +285,7 @@ sign(int argc, char *argv[])
 			close(fd);
 			continue;
 		}
-		if (copy_permissions(gzipfile, tmppath) < 0) {
+		if (copy_permissions(fileno(fin), fd) < 0) {
 			fprintf(stderr, "Error initializing %s: %s\n",
 			    tmppath, strerror(errno));
 			fclose(fin);
diff --git a/usr.bin/gzsig/util.c b/usr.bin/gzsig/util.c
index 97b441ef9e1..970e8ca71aa 100644
--- a/usr.bin/gzsig/util.c
+++ b/usr.bin/gzsig/util.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: util.c,v 1.2 2005/05/28 08:07:45 marius Exp $ */
+/* $OpenBSD: util.c,v 1.3 2013/03/10 10:34:33 tobias Exp $ */
 
 /*
  * util.c
@@ -46,17 +46,17 @@
 #include "util.h"
 
 int
-copy_permissions(char *srcfile, char *dstfile)
+copy_permissions(int srcfd, int dstfd)
 {
 	struct stat st;
 
-	if (stat(srcfile, &st) < 0)
+	if (fstat(srcfd, &st) < 0)
 		return (-1);
 
-	if (chmod(dstfile, st.st_mode) < 0)
+	if (fchown(dstfd, st.st_uid, st.st_gid) < 0)
 		return (-1);
 
-	if (chown(dstfile, st.st_uid, st.st_gid) < 0)
+	if (fchmod(dstfd, st.st_mode) < 0)
 		return (-1);
 
 	return (0);
diff --git a/usr.bin/gzsig/util.h b/usr.bin/gzsig/util.h
index 1598b7fefaf..87560599137 100644
--- a/usr.bin/gzsig/util.h
+++ b/usr.bin/gzsig/util.h
@@ -1,3 +1,4 @@
+/* $OpenBSD: util.h,v 1.3 2013/03/10 10:34:33 tobias Exp $ */
 /*
  * util.h
  *
@@ -33,7 +34,7 @@
 
 #ifndef UTIL_H
 
-int		copy_permissions(char *srcfile, char *dstfile);
+int		copy_permissions(int srcfd, int dstfd);
 void		fatal(int status, const char *fmt, ...);
 
 #endif /* UTIL_H */