CVE-2014-2893, insecure temporary file handling in clang's scan-build utility Resolves: #1088107 #1088105
---
 tools/clang/tools/scan-build/scan-build | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/tools/clang/tools/scan-build/scan-build b/tools/clang/tools/scan-build/scan-build
index 0f119f6..76135d8 100755
--- a/tools/clang/tools/scan-build/scan-build
+++ b/tools/clang/tools/scan-build/scan-build
@@ -204,6 +204,12 @@ sub GetHTMLRunDir {
 else {
 $NewDir = "$Dir/$DateString-$RunNumber";
 }
+
+ # Make sure that the directory does not exist in order to avoid hijack.
+ if (-e $NewDir) {
+ DieDiag("The directory '$NewDir' already exists.\n");
+ }
+
 system 'mkdir','-p',$NewDir;
 return $NewDir;
 }
-- 
2.1.0
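Review bot: The `-e $NewDir` test and the `system 'mkdir','-p',$NewDir` call that follows are two separate steps, so another local user can still create the directory in between, and `mkdir -p` succeeds silently when the target already exists. Making creation itself the check closes that window: create the final path component with Perl's builtin and die on any failure, e.g. `mkdir($NewDir, 0700) or DieDiag("Unable to create '$NewDir': $!\n");`, with the parent `$Dir` created beforehand. The exit status of `system` is also ignored, so a failed mkdir still returns `$NewDir` to the caller. GetHTMLRunDir starts above this hunk, so whether `$Dir` is already guaranteed to exist at this point could not be confirmed from the visible lines.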