From ba12415fca1a3891a1386698eab09735a025d7ea Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date: Sun, 8 Nov 2020 21:40:35 -0500
Subject: [PATCH 2/5] swtpm_cert: Switch to open() from fopen() for writing
 certificate

Switch to open from fopen() and make sure we do not follow symlinks.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 src/swtpm_cert/ek-cert.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/src/swtpm_cert/ek-cert.c b/src/swtpm_cert/ek-cert.c
index 651d60f..0e0b4b1 100644
--- a/src/swtpm_cert/ek-cert.c
+++ b/src/swtpm_cert/ek-cert.c
@@ -51,6 +51,7 @@
 #include <unistd.h>
 #include <fcntl.h>
 #include <getopt.h>
+#include <sys/stat.h>
 
 #include <arpa/inet.h>
 
@@ -995,7 +996,7 @@ main(int argc, char *argv[])
     unsigned long long serial = 1;
     time_t now;
     int err;
-    FILE *cert_file;
+    int cert_file_fd;
     const char *subject = NULL;
     const char *error = NULL;
     int days = 365;
@@ -1675,8 +1676,9 @@ if (_err != GNUTLS_E_SUCCESS) {             \
                             ? GNUTLS_X509_FMT_PEM
                             : GNUTLS_X509_FMT_DER, &out);
     if (cert_filename) {
-        cert_file = fopen(cert_filename, "wb");
-        if (cert_file == NULL) {
+        cert_file_fd = open(cert_filename, O_WRONLY|O_CREAT|O_TRUNC|O_NOFOLLOW,
+                            S_IRUSR|S_IWUSR);
+        if (cert_file_fd < 0) {
             fprintf(stderr, "Could not open %s for writing the certificate: %s\n",
                     cert_filename,
                     strerror(errno));
@@ -1691,22 +1693,22 @@ if (_err != GNUTLS_E_SUCCESS) {             \
                 },
                 .tag = htobe16(TCG_TAG_PCCLIENT_FULL_CERT),
             };
-            if (sizeof(hdr) != fwrite(&hdr, 1, sizeof(hdr), cert_file)) {
+            if (sizeof(hdr) != write(cert_file_fd, &hdr, sizeof(hdr))) {
                 fprintf(stderr, "Could not write certificate header: %s\n",
                         strerror(errno));
-                fclose(cert_file);
+                close(cert_file_fd);
                 unlink(cert_filename);
                 goto cleanup;
             }
         }
-        if (out.size != fwrite(out.data, 1, out.size, cert_file)) {
+        if ((ssize_t)out.size != write(cert_file_fd, out.data, out.size)) {
             fprintf(stderr, "Could not write certificate into file: %s\n",
                     strerror(errno));
-            fclose(cert_file);
+            close(cert_file_fd);
             unlink(cert_filename);
             goto cleanup;
         }
-        fclose(cert_file);
+        close(cert_file_fd);
     } else {
         fprintf(stdout, "%s\n", out.data);
     }
-- 
2.27.0