cvs commit: patches/rcs rcs-5.7-security-1.patch
jim at linuxfromscratch.org
jim at linuxfromscratch.org
Sun Oct 5 15:14:14 PDT 2003
jim 03/10/05 16:14:14
Added: rcs rcs-5.7-security-1.patch
Log:
Added: rcs-5.7-security-1.patch
Revision Changes Path
1.1 patches/rcs/rcs-5.7-security-1.patch
Index: rcs-5.7-security-1.patch
===================================================================
Submitted By: Jim Gifford (jim at linuxfromscratch dot org)
Date: 2003-09-29
Initial Package Version: 5.7
Origin: Mandrake CVS
Description: Fixes Temp File Security Issue
diff -Naur rcs-5.7.orig/src/rcsfnms.c rcs-5.7/src/rcsfnms.c
--- rcs-5.7.orig/src/rcsfnms.c 1995-06-16 06:19:24.000000000 +0000
+++ rcs-5.7/src/rcsfnms.c 2003-09-29 19:58:14.000000000 +0000
@@ -258,19 +258,57 @@
};
#if has_mktemp
+static char tmppath[1024];
+
+ static void
+tmpcleanup()
+{
+ /* For now, assume that all temp files get
+ * removed before we are invoked */
+ rmdir(tmppath);
+}
+
static char const *tmp P((void));
static char const *
tmp()
/* Yield the name of the tmp directory. */
{
- static char const *s;
- if (!s
- && !(s = cgetenv("TMPDIR")) /* Unix tradition */
+ const char *s;
+
+ if (tmppath[0])
+ return tmppath;
+
+ if (!(s = cgetenv("TMPDIR")) /* Unix tradition */
&& !(s = cgetenv("TMP")) /* DOS tradition */
&& !(s = cgetenv("TEMP")) /* another DOS tradition */
)
s = TMPDIR;
- return s;
+
+ if (strlen(s) > sizeof(tmppath) - 11)
+ s = TMPDIR;
+
+#if defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 2)
+ snprintf(tmppath, sizeof(tmppath), "%s/rcsXXXXXX", s);
+ if (!mkdtemp(tmppath) || !tmppath[0])
+ goto failed;
+#else
+ while (1) {
+ snprintf(tmppath, sizeof(tmppath), "%s/rcsXXXXXX", s);
+ if (!mktemp(tmppath) || !tmppath[0])
+ goto failed;
+ if (mkdir(tmppath, 0700) >= 0)
+ break;
+ if (errno != EEXIST)
+ goto failed;
+ }
+#endif
+
+ atexit(tmpcleanup);
+ return tmppath;
+
+failed:
+ perror("Unable to create temp directory");
+ exit(123);
}
#endif
More information about the patches
mailing list