Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 69463 Details for
Bug 106105
sys-apps/texinfo: Insecure temporary file creation (CAN-2005-3011)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
texinfo-texindex-tempfile.patch
texinfo-texindex-tempfile.patch (text/plain), 1.59 KB, created by
SpanKY
on 2005-09-29 00:38:50 UTC
(
hide
)
Description:
texinfo-texindex-tempfile.patch
Filename:
MIME Type:
Creator:
SpanKY
Created:
2005-09-29 00:38:50 UTC
Size:
1.59 KB
patch
obsolete
>Index: util/texindex.c >=================================================================== >RCS file: /cvsroot/texinfo/texinfo/util/texindex.c,v >retrieving revision 1.13 >diff -u -p -r1.13 texindex.c >--- util/texindex.c 19 Aug 2005 22:23:54 -0000 1.13 >+++ util/texindex.c 25 Sep 2005 09:05:34 -0000 >@@ -99,6 +99,9 @@ long nlines; > /* Directory to use for temporary files. On Unix, it ends with a slash. */ > char *tempdir; > >+/* Basename for temp files inside of tempdir. */ >+char *tempbase; >+ > /* Number of last temporary file. */ > int tempcount; > >@@ -190,6 +193,11 @@ main (int argc, char **argv) > > decode_command (argc, argv); > >+ /* XXX mkstemp not appropriate, as we need to have somewhat predictable >+ * names. But race condition was fixed, see maketempname. >+ */ >+ tempbase = mktemp ("txidxXXXXXX"); >+ > /* Process input files completely, one by one. */ > > for (i = 0; i < num_infiles; i++) >@@ -392,21 +400,21 @@ For more information about these matters > static char * > maketempname (int count) > { >- static char *tempbase = NULL; > char tempsuffix[10]; >- >- if (!tempbase) >- { >- int fd; >- tempbase = concat (tempdir, "txidxXXXXXX"); >- >- fd = mkstemp (tempbase); >- if (fd == -1) >- pfatal_with_name (tempbase); >- } >+ char *name, *tmp_name; >+ int fd; > > sprintf (tempsuffix, ".%d", count); >- return concat (tempbase, tempsuffix); >+ tmp_name = concat (tempdir, tempbase); >+ name = concat (tmp_name, tempsuffix); >+ free(tmp_name); >+ >+ fd = open (name, O_CREAT|O_EXCL|O_WRONLY, 0600); >+ if (fd == -1) >+ pfatal_with_name (name); >+ >+ close(fd); >+ return name; > } > >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 106105
:
69199
| 69463