mirror of
https://github.com/xroche/httrack.git
synced 2026-07-10 10:56:44 +03:00
* Keep cookies.txt owner-only (0600) cookie_save() wrote the jar with fopen, so live session cookies ended up world-readable under the usual umask. Create it O_CREAT 0600 on Unix (new HTS_PROTECT_FILE), fchmod pre-existing jars down to 0600 on rewrite, and close the fd if fdopen fails. The st_cookies selftest asserts both the fresh-create and the tighten-on-rewrite mode (ASan-independent, proven by reverting each fix). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Signed-off-by: Xavier Roche <roche@httrack.com> * CodeQL: exclude cpp/world-writable-file-creation The rule flags every file-creating fopen (0666 & ~umask): 53 baseline alerts over mirror/cache/log/test output where umask-controlled modes are the intended, conventional behavior. Its one real catch, the cookies jar, is now kept 0600 explicitly. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Signed-off-by: Xavier Roche <roche@httrack.com> * st_cookies: assert the saved jar is non-empty The mode assertions alone would pass a cookie_save that creates an empty 0600 file and returns 0; check st_size on both saves (proven by a negative control that skips the write loop). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Signed-off-by: Xavier Roche <roche@httrack.com> --------- Signed-off-by: Xavier Roche <roche@httrack.com> Co-authored-by: Claude Fable 5 <noreply@anthropic.com>