Use fchmod when available to avoid race condition.
Spotted by CodeQL.
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2fb8716..76bc9c1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -102,6 +102,7 @@
check_function_exists(clonefile HAVE_CLONEFILE)
check_function_exists(explicit_bzero HAVE_EXPLICIT_BZERO)
check_function_exists(explicit_memset HAVE_EXPLICIT_MEMSET)
+check_function_exists(fchmod HAVE_FCHMOD)
check_function_exists(fileno HAVE_FILENO)
check_function_exists(fseeko HAVE_FSEEKO)
check_function_exists(ftello HAVE_FTELLO)
diff --git a/cmake-config.h.in b/cmake-config.h.in
index 544adbd..abd8e1b 100644
--- a/cmake-config.h.in
+++ b/cmake-config.h.in
@@ -23,6 +23,7 @@
#cmakedefine HAVE_CRYPTO
#cmakedefine HAVE_FICLONERANGE
#cmakedefine HAVE_FILENO
+#cmakedefine HAVE_FCHMOD
#cmakedefine HAVE_FSEEKO
#cmakedefine HAVE_FTELLO
#cmakedefine HAVE_GETPROGNAME
diff --git a/lib/zip_mkstempm.c b/lib/zip_mkstempm.c
index ccdd62a..ede5142 100644
--- a/lib/zip_mkstempm.c
+++ b/lib/zip_mkstempm.c
@@ -82,7 +82,11 @@
if ((fd = open(path, O_CREAT | O_EXCL | O_RDWR | O_CLOEXEC, mode == -1 ? 0666 : (mode_t)mode)) >= 0) {
if (mode != -1) {
/* open() honors umask(), which we don't want in this case */
+#ifdef HAVE_FCHMOD
+ (void)fchmod(fd, (mode_t)mode);
+#else
(void)chmod(path, (mode_t)mode);
+#endif
}
return fd;
}
