pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/tripwire Replace all uses of mktemp() with mk...
details: https://anonhg.NetBSD.org/pkgsrc/rev/72ffe4433a66
branches: trunk
changeset: 464238:72ffe4433a66
user: ben <ben%pkgsrc.org@localhost>
date: Fri Dec 05 05:40:32 2003 +0000
description:
Replace all uses of mktemp() with mkstemp() and close PR 23640.
diffstat:
security/tripwire/Makefile | 4 +-
security/tripwire/distinfo | 9 ++++-
security/tripwire/patches/patch-ad | 27 ++++++++++++---
security/tripwire/patches/patch-ae | 41 ++++++++++++++++++++++++
security/tripwire/patches/patch-af | 63 ++++++++++++++++++++++++++++++++++++++
security/tripwire/patches/patch-ag | 12 +++++++
security/tripwire/patches/patch-ah | 14 ++++++++
security/tripwire/patches/patch-ai | 62 +++++++++++++++++++++++++++++++++++++
8 files changed, 222 insertions(+), 10 deletions(-)
diffs (284 lines):
diff -r 38cb60d8ec1f -r 72ffe4433a66 security/tripwire/Makefile
--- a/security/tripwire/Makefile Fri Dec 05 05:33:17 2003 +0000
+++ b/security/tripwire/Makefile Fri Dec 05 05:40:32 2003 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.16 2003/12/03 21:18:09 ben Exp $
+# $NetBSD: Makefile,v 1.17 2003/12/05 05:40:32 ben Exp $
#
DISTNAME= tripwire-1.2
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= security
MASTER_SITES= ftp://coast.cs.purdue.edu/pub/tools/unix/ids/tripwire/
diff -r 38cb60d8ec1f -r 72ffe4433a66 security/tripwire/distinfo
--- a/security/tripwire/distinfo Fri Dec 05 05:33:17 2003 +0000
+++ b/security/tripwire/distinfo Fri Dec 05 05:40:32 2003 +0000
@@ -1,8 +1,13 @@
-$NetBSD: distinfo,v 1.5 2003/12/03 21:18:09 ben Exp $
+$NetBSD: distinfo,v 1.6 2003/12/05 05:40:32 ben Exp $
SHA1 (tripwire-1.2.tar.gz) = 6fc91e25b3e1af3881fd5b6acf240ab6c1133e38
Size (tripwire-1.2.tar.gz) = 299831 bytes
SHA1 (patch-aa) = 37e41b99fbd437cc62b1446545f963d03e91e819
SHA1 (patch-ab) = 186edaa504e6e1a7edadb2168982b9b8a2482bac
SHA1 (patch-ac) = 35b3fe52f497e6cbbf7edfeaee398f0d24aff219
-SHA1 (patch-ad) = 92fe68b5cb929dfc16b767e28d72852428246a32
+SHA1 (patch-ad) = 4b8ad8d0cd7c17a8f3a655c5a574856670533ea5
+SHA1 (patch-ae) = 18fe18ded565476a80b9280054cdf7f90403588e
+SHA1 (patch-af) = 968df5d2ea577a8fde9c5aafa43d9fb1e4efde54
+SHA1 (patch-ag) = 3bfc6965782d727b6b5cf20da4dd44e45327925f
+SHA1 (patch-ah) = 97eccc44190e165dbf174f04c3acab5f1b442bc7
+SHA1 (patch-ai) = 51075e32a7523a8d1691aa41336fe46b671fa865
diff -r 38cb60d8ec1f -r 72ffe4433a66 security/tripwire/patches/patch-ad
--- a/security/tripwire/patches/patch-ad Fri Dec 05 05:33:17 2003 +0000
+++ b/security/tripwire/patches/patch-ad Fri Dec 05 05:40:32 2003 +0000
@@ -1,10 +1,8 @@
-$NetBSD: patch-ad,v 1.1 2000/07/14 08:59:37 agc Exp $
-
-On NetBSD, st_size is a 64-bit quantity.
+$NetBSD: patch-ad,v 1.2 2003/12/05 05:40:32 ben Exp $
---- src/utils.c 1994/07/25 16:23:16 1.23
-+++ src/utils.c 2000/07/14 08:53:49
-@@ -697,8 +697,13 @@
+--- src/utils.c.orig 1994-07-25 09:23:16.000000000 -0700
++++ src/utils.c
+@@ -697,8 +697,13 @@ direntry_print (name, statbuf, mode)
print_perm((uint32)statbuf.st_mode);
@@ -18,3 +16,20 @@
printf(" %s\n", name);
}
+@@ -789,13 +794,10 @@ fd_tempfilename_generate()
+ int fd;
+
+ (void) strcpy(tmp, TEMPFILE_TEMPLATE);
+- if ((char *) mktemp(tmp) == NULL) {
+- perror("tempfilename_generate: mktemp()");
+- exit(1);
+- }
++ fd = mkstemp(tmp);
+
+- if ((fd = open(tmp, O_RDWR | O_CREAT, 0600)) < 0) {
+- perror("tempfilename_generate: open()");
++ if (fd == -1) {
++ perror("tempfilename_generate: mkstemp()");
+ exit(1);
+ }
+ /* unlink right away to make sure no one can tamper with our file */
diff -r 38cb60d8ec1f -r 72ffe4433a66 security/tripwire/patches/patch-ae
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tripwire/patches/patch-ae Fri Dec 05 05:40:32 2003 +0000
@@ -0,0 +1,41 @@
+$NetBSD: patch-ae,v 1.1 2003/12/05 05:40:32 ben Exp $
+
+--- src/config.parse.c.orig 1994-07-20 18:03:26.000000000 -0700
++++ src/config.parse.c
+@@ -55,7 +55,6 @@ static char rcsid[] = "$Id: config.parse
+ #endif
+
+ /* prototypes */
+-char *mktemp();
+ static void configfile_descend();
+
+ #ifndef L_tmpnam
+@@ -90,6 +89,7 @@ configfile_read(pp_list, pp_entry_list)
+ char number[128];
+ int entrynum = 0;
+ int err;
++ int fdout;
+
+ /* to make code semi-reentrant */
+ list_reset(&prune_list);
+@@ -105,8 +105,9 @@ configfile_read(pp_list, pp_entry_list)
+ };
+ (void) strcpy(tmpfilename, TEMPFILE_TEMPLATE);
+
+- if ((char *) mktemp(tmpfilename) == NULL) {
+- perror("configfile_read: mktemp()");
++ fdout = mkstemp(tmpfilename);
++ if (fdout == -1) {
++ perror("configfile_read: mkstemp()");
+ exit(1);
+ }
+
+@@ -149,7 +150,7 @@ configfile_read(pp_list, pp_entry_list)
+
+ err = umask(077); /* to protect the tempfile */
+
+- if ((fpout = fopen(tmpfilename, "w+")) == NULL) {
++ if ((fpout = fdopen(fdout, "w+")) == NULL) {
+ sprintf(s, "tripwire: Couldn't open config file '%s'", configfile);
+ perror(s);
+ exit(1);
diff -r 38cb60d8ec1f -r 72ffe4433a66 security/tripwire/patches/patch-af
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tripwire/patches/patch-af Fri Dec 05 05:40:32 2003 +0000
@@ -0,0 +1,63 @@
+$NetBSD: patch-af,v 1.1 2003/12/05 05:40:32 ben Exp $
+
+--- src/dbase.build.c.orig 1994-07-25 08:24:09.000000000 -0700
++++ src/dbase.build.c
+@@ -66,7 +66,6 @@ static char rcsid[] = "$Id: dbase.build.
+ int files_scanned_num = 0;
+
+ /* prototypes */
+-char *mktemp();
+ static void database_record_write();
+
+ char backupfile[MAXPATHLEN+256];
+@@ -92,6 +91,7 @@ database_build (pp_list, mode, pp_entry_
+ {
+ struct list_elem *p_fileentry;
+ struct list_elem *p_configentry;
++ int fdw;
+ FILE *fpw;
+ char database[MAXPATHLEN+256];
+ int entrynum,
+@@ -130,11 +130,12 @@ database_build (pp_list, mode, pp_entry_
+ die_with_err("malloc() failed in database_build", (char *) NULL);
+ (void) strcpy(tmpfilename, TEMPFILE_TEMPLATE);
+
+- if ((char *) mktemp(tmpfilename) == NULL)
+- die_with_err("database_build: mktemp()", (char *) NULL);
++ fdw = mkstemp(tmpfilename);
++ if (fdw == -1)
++ die_with_err("database_build: mkstemp()", (char *) NULL);
++ unlink(tmpfilename);
+
+- (void) strcpy(tempdatabase_file, tmpfilename);
+- (void) strcpy(database, tempdatabase_file);
++ (void) strcpy(database, tmpfilename);
+ free(tmpfilename);
+ } /* end if temporary database */
+ else if (mode == DBASE_UPDATE) {
+@@ -224,6 +225,11 @@ printf("database_build(): ---> olddataba
+ }
+
+ /* rebuild the database */
++ if (mode == DBASE_TEMPORARY) {
++ fpw = fdopen(fdw, "w+");
++ if (fpw == NULL)
++ die_with_err("call fdopen() failed.", NULL);
++ } else
+ if ((fpw = fopen(database, "w")) == NULL)
+ die_with_err("Hint: Maybe the database directory '%s' doesn't exist? fopen()", database);
+
+@@ -367,10 +373,10 @@ printf("--(contents)-->%s\n", entry);
+ die_with_err("database_build: list_close() failed!\n", (char *) NULL);
+ }
+
+- /* we don't want to allow anyone to spoof the temporary file in /tmp */
++ /* If the database was temporary, the file was unlink()ed, and is
++ "hidden" from other processes. */
+ if (mode == DBASE_TEMPORARY) {
+- if ((fptempdbase = freopen(database, "r", fpw)) == NULL)
+- die_with_err("temporary database file disappeared?!?", database);
++ fptempdbase = fpw;
+ rewind(fptempdbase);
+ } else {
+ fclose(fpw);
diff -r 38cb60d8ec1f -r 72ffe4433a66 security/tripwire/patches/patch-ag
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tripwire/patches/patch-ag Fri Dec 05 05:40:32 2003 +0000
@@ -0,0 +1,12 @@
+$NetBSD: patch-ag,v 1.1 2003/12/05 05:40:32 ben Exp $
+
+--- src/main.c.orig 1994-08-26 01:23:03.000000000 -0700
++++ src/main.c
+@@ -108,7 +108,6 @@ char *database_file = DATABASE_FILE;
+ char *database_path = DATABASE_PATH;
+ char *config_path = CONFIG_PATH;
+
+-char tempdatabase_file[MAXPATHLEN+256];
+ FILE *fptempdbase;
+
+ char *defaultignore = DEFAULTIGNORE;
diff -r 38cb60d8ec1f -r 72ffe4433a66 security/tripwire/patches/patch-ah
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tripwire/patches/patch-ah Fri Dec 05 05:40:32 2003 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-ah,v 1.1 2003/12/05 05:40:32 ben Exp $
+
+--- src/preen.c.orig 1994-07-25 08:24:11.000000000 -0700
++++ src/preen.c
+@@ -98,9 +98,6 @@ update_gather(interactive, ppp_updateent
+ if (!specified_configmode)
+ (void) fclose(fp_in);
+
+- /* remove the temporary database file */
+- (void) unlink(tempdatabase_file);
+-
+ SPDEBUG(3) printf("*** leaving update_gather()\n");
+
+ list_reset(&configentry_list);
diff -r 38cb60d8ec1f -r 72ffe4433a66 security/tripwire/patches/patch-ai
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tripwire/patches/patch-ai Fri Dec 05 05:40:32 2003 +0000
@@ -0,0 +1,62 @@
+$NetBSD: patch-ai,v 1.1 2003/12/05 05:40:32 ben Exp $
+
+--- src/siggen.c.orig 1994-07-25 08:24:12.000000000 -0700
++++ src/siggen.c
+@@ -52,7 +52,6 @@ static char rcsid[] = "$Id: siggen.c,v 1
+
+ extern int optind;
+ int debuglevel = 0;
+-char *mktemp();
+
+ int (*pf_signatures [NUM_SIGS]) () = {
+ SIG0FUNC,
+@@ -164,6 +163,7 @@ main(argc, argv)
+ }
+
+ if (readstdin) {
++ int fdout;
+ FILE *fpout;
+ /* generate temporary file name */
+ if ((tmpfilename = (char *) malloc(L_tmpnam + MAXPATHLEN)) == NULL) {
+@@ -172,32 +172,26 @@ main(argc, argv)
+ };
+ (void) strcpy(tmpfilename, "/tmp/twzXXXXXX");
+
+- if ((char *) mktemp(tmpfilename) == NULL) {
+- perror("siggen: mktemp()");
++ fdout = mkstemp(tmpfilename);
++ if (fdout == -1) {
++ perror("siggen: mkstemp()");
+ exit(1);
+ }
++ unlink(tmpfilename);
+
+ /* output */
+- if (!(fpout = fopen(tmpfilename, "w"))) {
+- char err[1024];
+- sprintf(err, "main: fopen(%s)", tmpfilename);
+- perror(err);
++ if (!(fpout = fdopen(fdout, "w"))) {
++ perror("siggen: fdopen()");
+ exit(1);
+ }
+ /* copy */
+ while ((c = getc(stdin)) != EOF)
+ putc(c, fpout);
+- fclose(fpout);
+- if ((fd = open(tmpfilename, O_RDONLY)) < 0) {
+- perror("siggen: open");
+- exit(1);
+- }
+- if (siggen(fd) < 0)
++ rewind(fpout);
++ if (siggen(fdout) < 0)
+ errors++;
+
+- if (fd)
+- close(fd);
+- unlink(tmpfilename);
++ fclose(fpout);
+ }
+
+ if (errors)
Home |
Main Index |
Thread Index |
Old Index