dmidecode: Do not let --dump-bin overwrite an existing file

Make sure that the file passed to option --dump-bin does not already
exist. In practice, it is rather unlikely that an honest user would
want to overwrite an existing dump file, while this possibility
could be used by a rogue user to corrupt a system file.

Signed-off-by: Jean Delvare <jdelvare@suse.de>
Reviewed-by: Jerry Hoemann <jerry.hoemann@hpe.com>

Author: jdelvare

dmidecode.c

@@ -60,6 +60,7 @@
  *    https://www.dmtf.org/sites/default/files/DSP0270_1.0.1.pdf
  */
 
+#include <fcntl.h>
 #include <stdio.h>
 #include <string.h>
 #include <strings.h>
@@ -5412,13 +5413,22 @@ static void dmi_table_string(const struct dmi_header *h, const u8 *data, u16 ver
 static int dmi_table_dump(const u8 *ep, u32 ep_len, const u8 *table,
 			  u32 table_len)
 {
+	int fd;
 	FILE *f;
 
-	f = fopen(opt.dumpfile, "wb");
+	fd = open(opt.dumpfile, O_WRONLY|O_CREAT|O_EXCL, 0666);
+	if (fd == -1)
+	{
+		fprintf(stderr, "%s: ", opt.dumpfile);
+		perror("open");
+		return -1;
+	}
+
+	f = fdopen(fd, "wb");
 	if (!f)
 	{
 		fprintf(stderr, "%s: ", opt.dumpfile);
-		perror("fopen");
+		perror("fdopen");
 		return -1;
 	}
 

man/dmidecode.8

@@ -1,4 +1,4 @@
-.TH DMIDECODE 8 "January 2019" "dmidecode"
+.TH DMIDECODE 8 "February 2023" "dmidecode"
 .\"
 .SH NAME
 dmidecode \- \s-1DMI\s0 table decoder
@@ -164,6 +164,7 @@ hexadecimal and \s-1ASCII\s0. This option is mainly useful for debugging.
 Do not decode the entries, instead dump the DMI data to a file in binary
 form. The generated file is suitable to pass to \fB--from-dump\fP
 later.
+\fIFILE\fP must not exist.
 .TP
 .BR "  " "  " "--from-dump \fIFILE\fP"
 Read the DMI data from a binary file previously generated using