From e840a7ed21bc8e93e2e87fec25dd98aa0039fca1 Mon Sep 17 00:00:00 2001
From: Antonio Larrosa <larrosa@kde.org>
Date: Tue, 18 Apr 2017 17:56:35 +0200
Subject: [PATCH] Fix open/chmod race condition in QSaveFile

This fixes a problem introduced in a60571b3700e80f44705ebc4bab9628cf852891c
by which a temporary file could be created with mode 0666 (0644 after
applying umask), and then changed to 0600, but in the meantime it would
be possible for anyone to get a working file descriptor that could be used
to read the file. See https://bugzilla.suse.com/show_bug.cgi?id=1034005.

Change-Id: I824025f54d6faf853da88e4dfcb092b577b4df04
---
 src/corelib/io/qsavefile.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Index: qtbase-opensource-src-5.9.1/src/corelib/io/qsavefile.cpp
===================================================================
--- qtbase-opensource-src-5.9.1.orig/src/corelib/io/qsavefile.cpp
+++ qtbase-opensource-src-5.9.1/src/corelib/io/qsavefile.cpp
@@ -232,7 +232,8 @@ bool QSaveFile::open(OpenMode mode)
     }
 
     d->fileEngine = new QTemporaryFileEngine;
-    static_cast<QTemporaryFileEngine *>(d->fileEngine)->initialize(d->finalFileName, 0666);
+    int perm = (existingFile.exists() ? 0600 : 0666);
+    static_cast<QTemporaryFileEngine *>(d->fileEngine)->initialize(d->finalFileName, perm);
     // Same as in QFile: QIODevice provides the buffering, so there's no need to request it from the file engine.
     if (!d->fileEngine->open(mode | QIODevice::Unbuffered)) {
         QFileDevice::FileError err = d->fileEngine->error();