pkgsrc-Changes archive
Re: CVS commit: pkgsrc/sysutils/gentoo
On Sun, Jan 25, 2009 at 01:12:44PM +0000, OBATA Akio wrote:
> Modified Files:
> pkgsrc/sysutils/gentoo: Makefile distinfo
> Removed Files:
> pkgsrc/sysutils/gentoo/patches: patch-ae
>
> Log Message:
> Remove patch-ae.
> It replaces tmpnam() with mkdtemp(), but
> * It has existed since the initial import, but with no stated reason.
> * mkdtemp(3) is not portable, but is used unconditionally, as reported in PR
> 39717.
> * tmpnam(3) is used to get a temp filename, but mkdtemp(3) creates a temp
> directory,
> and returns the path. So, the replacement is completely mistaken.
>
> Bump PKGREVISION.
This is incorrect - you've introduced insecure-temporary-files.
Please put patch-ae back, and revise it to use mkstemp() instead of
mkdtemp(). Perhaps something like this (untested):
--- types.c.orig 2009-01-25 16:29:23.000000000 -0500
+++ types.c 2009-01-25 16:38:15.000000000 -0500
@@ -345,14 +345,18 @@
void typ_identify_end(MainInfo *min, const gchar *path)
{
const GList *here;
- gchar buf[MAXNAMLEN + 2], *temp_name;
+ gchar buf[MAXNAMLEN + 2];
gint fd[2], len, status;
pid_t file_pid;
FType *type;
+ char tempnamebuf[64];
+ int tempfd;
if(file_list == NULL)
return;
- if((temp_name = tmpnam(NULL)) == NULL)
+ strcpy(tempnamebuf, _PATH_TMP "gentoo.XXXXXX");
+ tempfd = mkstemp(tempnamebuf);
+ if (tempfd < 0)
return;
if(pipe(fd) != 0)
return;
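Review bot: Once mkstemp() has succeeded, the `if(pipe(fd) != 0) return;` at the end of this hunk returns with tempfd still open and the file still present in the temp directory. The fork-failure return shown as context at the top of the third hunk looks like it has the same problem, though that branch is only partly visible. Every later use in the patch goes through the descriptor, so the name can be dropped right after the `tempfd < 0` check with `unlink(tempnamebuf);`, after which each early return only needs `close(tempfd);`. typ_identify_end continues beyond this hunk.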
@@ -360,20 +364,14 @@
file_pid = fork();
if(file_pid == 0)
{
- guint bits = 0U;
-
- if(close(STDIN_FILENO) == 0)
- {
- if(dup(fd[STDIN_FILENO]) == STDIN_FILENO)
- bits |= (close(fd[STDIN_FILENO]) == 0);
- }
- if(close(STDOUT_FILENO) == 0)
- {
- if(open(temp_name, O_CREAT | O_RDWR, S_IRWXU) ==
STDOUT_FILENO)
- bits |= (close(fd[STDOUT_FILENO]) == 0) << 1;
- }
- if(bits == 3U && chdir(path) == 0)
- execlp("file", "file", "-f", "-", NULL);
+ if (dup2(fd[0], STDIN_FILENO) < 0)
+ _exit(EXIT_FAILURE);
+ if (dup2(tempfd, STDOUT_FILENO) < 0)
+ _exit(EXIT_FAILURE);
+ close(fd[1]);
+ if (chdir(path) < 0)
+ _exit(EXIT_FAILURE);
+ execlp("file", "file", "-f", "-", NULL);
_exit(EXIT_FAILURE);
}
else if(file_pid < 0)
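Review bot: The child reaches execlp() with tempfd and fd[0] still open, because only fd[1] is closed after the two dup2() calls, so `file` inherits two descriptors it has no use for. Adding `close(fd[0]); close(tempfd);` next to the existing `close(fd[1]);` limits the exec'd program to the standard descriptors. The if/else on file_pid continues outside the hunk.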
@@ -382,21 +380,21 @@
return;
}
/* We don't need the input part of the pipe, so close it. */
- close(fd[STDIN_FILENO]);
+ close(fd[0]);
/* Now, we have file listening on pipe, so write all filenames to it. */
for(here = file_list; here != NULL; here = g_list_next(here))
{
len = g_snprintf(buf, sizeof buf, "%s\n", DP_SEL_NAME(here));
- write(fd[STDOUT_FILENO], buf, len);
+ write(fd[1], buf, len);
}
- close(fd[STDOUT_FILENO]);
+ close(fd[1]);
waitpid(file_pid, &status, 0);
if(WIFEXITED(status))
{
FILE *in;
- if((in = fopen(temp_name, "rt")) != NULL)
+ if((in = fdopen(tempfd, "rt")) != NULL)
{
const gchar *fout;
gchar line[MAXNAMLEN + 256];
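Review bot: The parent's `fdopen(tempfd, "rt")` reads from the same open file description the child wrote through, since the child's stdout is a dup2() of the tempfd inherited across fork(), so the offset is already at end-of-file when the parent starts reading. The old fopen() by name got a fresh offset; the descriptor-based version needs `lseek(tempfd, 0, SEEK_SET);` before the fdopen() call, otherwise the read loop (outside this hunk, so not checked here) would see no output from `file`. The write() return value in the loop above is also ignored, so a short or failed write to the pipe goes unnoticed.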
@@ -412,7 +410,11 @@
}
fclose(in);
}
+ else
+ close(tempfd);
}
+ else
+ close(tempfd);
g_list_free(file_list);
file_list = NULL;
remove(temp_name);
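Review bot: The trailing context line `remove(temp_name);` still refers to the variable whose declaration the first hunk deletes, so the patched file would not compile as posted. It should become `remove(tempnamebuf);`, or be dropped if the file is unlinked right after mkstemp() succeeds. Without one of the two, each call would leave a gentoo.XXXXXX file behind in the temp directory. The function continues past the end of this hunk.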
--
David A. Holland
dholland%netbsd.org@localhost