From: "Lu, Han" han.lu@intel.com
Use dynamic temp file instead of fixed temp file to store recorded wav data, for better security.
Signed-off-by: Lu, Han han.lu@intel.com
diff --git a/bat/bat.c b/bat/bat.c index 02b1abd..3813ba8 100644 --- a/bat/bat.c +++ b/bat/bat.c @@ -452,6 +452,7 @@ static int validate_options(struct bat *bat) static int bat_init(struct bat *bat) { int err = 0; + char name[] = TEMP_RECORD_FILE_NAME;
/* Determine logging to a file or stdout and stderr */ if (bat->logarg) { @@ -474,10 +475,23 @@ static int bat_init(struct bat *bat) }
/* Determine capture file */ - if (bat->local) + if (bat->local) { bat->capture.file = bat->playback.file; - else - bat->capture.file = TEMP_RECORD_FILE_NAME; + } else { + /* create temp file for sound record and analysis */ + err = mkstemp(name); + if (err == -1) { + fprintf(bat->err, _("Fail to create record file: %d\n"), + -errno); + return -errno; + } + /* store file name which is dynamically created */ + bat->capture.file = strdup(name); + if (bat->capture.file == NULL) + return -errno; + /* close temp file */ + close(err); + }
/* Initial for playback */ if (bat->playback.file == NULL) { @@ -591,8 +605,11 @@ analyze: err = analyze_capture(&bat); out: fprintf(bat.log, _("\nReturn value is %d\n"), err); + if (bat.logarg) fclose(bat.log); + if (!bat.local) + free(bat.capture.file);
return err; } diff --git a/bat/common.h b/bat/common.h index f0254ab..90bc3e2 100644 --- a/bat/common.h +++ b/bat/common.h @@ -15,7 +15,7 @@
#include <alsa/asoundlib.h>
-#define TEMP_RECORD_FILE_NAME "/tmp/bat.wav" +#define TEMP_RECORD_FILE_NAME "/tmp/bat.wav.XXXXXX"
#define OPT_BASE 300 #define OPT_LOG (OPT_BASE + 1)