From 53a4c10344713413fbfeeed6916cb79d92e0d8d6 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Tue, 24 Mar 2026 20:23:00 +0000
Subject: util/mkhtemp: allow relative path with -p

but only -p

not inside the library. that way, we retain
security. symlinks resolved with use of -p;
a warning will be added about this to the
manpage, when written.

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/libreboot-utils/mkhtemp.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'util/libreboot-utils')

diff --git a/util/libreboot-utils/mkhtemp.c b/util/libreboot-utils/mkhtemp.c
index 1f7c8b79..bcbc63a9 100644
--- a/util/libreboot-utils/mkhtemp.c
+++ b/util/libreboot-utils/mkhtemp.c
@@ -78,6 +78,8 @@ main(int argc, char *argv[])
 	int type = MKHTEMP_FILE;
 	size_t len;
 
+	char *rp;
+
 #if defined (PATH_LEN) && \
     (PATH_LEN) >= 256
 	size_t maxlen = PATH_LEN;
@@ -85,6 +87,8 @@ main(int argc, char *argv[])
 	size_t maxlen = 4096;
 #endif
 
+	char resolved[maxlen];
+
 	if (lbgetprogname(argv[0]) == NULL)
 		err_no_cleanup(errno, "could not set progname");
 
@@ -119,6 +123,16 @@ main(int argc, char *argv[])
 		err_no_cleanup(EINVAL,
 		    "usage: mkhtemp [-d] [-p dir] [template]\n");
 
+
+	if (tmpdir != NULL) {
+		rp = realpath(tmpdir, resolved);
+		if (rp == NULL)
+			err_no_cleanup(errno,
+			    "realpath: %s", tmpdir);
+
+		tmpdir = resolved;
+	}
+
 	if (new_tmp_common(&fd, &s, type, tmpdir) < 0)
 		err_no_cleanup(errno, "%s", s);
 
-- 
cgit v1.2.1