From owner-freebsd-audit Sun Nov 19 16:56:10 2000
Delivered-To: freebsd-audit@freebsd.org
Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 0F39737B479 for ; Sun, 19 Nov 2000 16:56:07 -0800 (PST)
Received: (from kris@localhost) by citusc17.usc.edu (8.11.1/8.11.1) id eAK0vBS03753 for audit@FreeBSD.org; Sun, 19 Nov 2000 16:57:11 -0800 (PST) (envelope-from kris)
Date: Sun, 19 Nov 2000 16:57:11 -0800
From: Kris Kennaway
To: audit@FreeBSD.org
Subject: m4 tempfile fix
Message-ID: <20001119165711.A3579@citusc17.usc.edu>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="0F1p//8PRICkK4MW"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

--0F1p//8PRICkK4MW
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

m4 was abusing mktemp() to make a unique prefix but then tacking on predictable prefixes to make multiple files. I fixed it to create a secure directory where it can play with its insecure filenames to its heart's content.

Reviews, anyone?

Kris

Index: main.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.bin/m4/main.c,v retrieving revision 1.7 diff -u -r1.7 main.c --- main.c 2000/09/04 06:09:48 1.7 +++ main.c 2000/11/20 00:53:13 @@ -82,6 +82,7 @@ FILE *outfile[MAXOUT]; /* diversion array(0=3Dbitbucket)*/ FILE *active; /* active output file pointer */ char *m4temp; /* filename for diversions */ +char *m4dir; /* directory for diversions */ int ilevel =3D 0; /* input file stack pointer */ int oindex =3D 0; /* diversion index.. */ char *null =3D ""; /* as it says.. just a null.. */
@@ -181,7 +182,8 @@ =20 active =3D stdout; /* default active output */ /* filename for diversions */ - m4temp =3D mktemp(xstrdup(_PATH_DIVNAME)); + m4dir =3D mkdtemp(xstrdup(_PATH_DIVDIRNAME)); + (void) asprintf(&m4temp, "%s/%s", m4dir, _PATH_DIVNAME); =20 bbase[0] =3D bufbase; if (!argc) { @@ -225,6 +227,7 @@ (void) remove(m4temp); #else (void) unlink(m4temp); + (void) rmdir(m4dir); #endif } =20 Index: pathnames.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.bin/m4/pathnames.h,v retrieving revision 1.1.1.1 diff -u -r1.1.1.1 pathnames.h --- pathnames.h 1994/05/27 12:30:43 1.1.1.1 +++ pathnames.h 2000/11/20 00:52:29 @@ -47,8 +47,9 @@ #endif =20 #ifdef unix -#define _PATH_DIVNAME "/tmp/m4.0XXXXXX" /* unix diversion files */ -#define UNIQUE 8 /* unique char location */ +#define _PATH_DIVDIRNAME "/tmp/m4XXXXXX" /* directory for files */ +#define _PATH_DIVNAME "m4.0" /* unix diversion files */ +#define UNIQUE 17 /* unique char location */ #endif =20 #ifdef vms

--0F1p//8PRICkK4MW
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjoYduYACgkQWry0BWjoQKVBwgCeMK6nF4NRTRCEAnKrkuA3JaNC
qsQAoItsacen29QtcF2pMyjizeRvFHtI
=gS0X
-----END PGP SIGNATURE-----

--0F1p//8PRICkK4MW--
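
Review bot: In the main.c hunk at @@ -181,7 +182,8 @@, the result of mkdtemp() is never checked and the asprintf() return is cast to void. If mkdtemp() fails, a NULL m4dir is handed to the "%s" conversion and m4temp no longer names a file inside a private directory; if asprintf() fails, m4temp is not usable at all. Suggest an error exit on both, e.g. if ((m4dir = mkdtemp(xstrdup(_PATH_DIVDIRNAME))) == NULL) followed by the program's usual fatal-error path, and the same when asprintf() returns -1.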
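
Review bot: In the main.c hunk at @@ -225,6 +227,7 @@, rmdir(m4dir) is added only after unlink(m4temp) in the #else arm, so the arm above it that calls remove(m4temp) never removes the directory and that build leaves it behind in /tmp. rmdir() also fails on a non-empty directory and its result is discarded here, so any diversion file that has not been unlinked by this point keeps the directory in place without any diagnostic. Suggest moving the rmdir() after the #endif (or adding it to both arms) and confirming that every diversion file is removed before it runs.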
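
Review bot: In the pathnames.h hunk, UNIQUE 17 is a hand-counted offset into the string that main.c now builds from _PATH_DIVDIRNAME, "/" and _PATH_DIVNAME, so changing either define silently moves the diversion digit. Suggest deriving it from the template, e.g. (sizeof(_PATH_DIVDIRNAME) + 3), with a comment saying which character it points at. Also, _PATH_DIVDIRNAME is defined only inside #ifdef unix while the main.c hunk uses it with no visible guard, so the other platform branches of this header (the #ifdef vms that follows, for one) need a definition as well.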
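
The approach the message describes, predictable per-diversion names kept inside a directory that only the owner can enter, shown with each step's failure handled. This is an added example, not code from the post or from m4; `DIV_TEMPLATE`, `DIV_MAX` and the `div_*` functions are hypothetical names chosen for illustration.

```c
#define _XOPEN_SOURCE 700              /* for mkdtemp() and O_NOFOLLOW */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Added example with hypothetical names; not m4's own code. */
#define DIV_TEMPLATE "/tmp/divXXXXXX"  /* hypothetical, not m4's path */
#define DIV_MAX 10                     /* hypothetical diversion count */
static char div_dir[sizeof(DIV_TEMPLATE)]; /* "" until div_setup() succeeds */

/* Create the private directory (mkdtemp makes it mode 0700); 0 or -1. */
int div_setup(void)
{
    memcpy(div_dir, DIV_TEMPLATE, sizeof(DIV_TEMPLATE));
    if (mkdtemp(div_dir) != NULL)
        return 0;
    div_dir[0] = '\0';                 /* no fallback to a guessable path */
    return -1;
}

/* Build "<dir>/m4.<n>"; -1 if there is no directory or n is out of range. */
static int div_path(char *buf, size_t len, int n)
{
    if (div_dir[0] == '\0' || n < 0 || n >= DIV_MAX)
        return -1;
    return snprintf(buf, len, "%s/m4.%d", div_dir, n) < (int)len ? 0 : -1;
}

/* Open diversion n and return its descriptor; O_EXCL refuses an existing name. */
int div_open(int n)
{
    char path[sizeof(div_dir) + 8];
    if (div_path(path, sizeof(path), n) != 0)
        return -1;
    return open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Unlink every diversion file, then the directory; returns rmdir()'s result. */
int div_cleanup(void)
{
    char path[sizeof(div_dir) + 8];
    int n, r;
    for (n = 0; n < DIV_MAX; n++)
        if (div_path(path, sizeof(path), n) == 0)
            (void)unlink(path);        /* ENOENT for unused slots is fine */
    r = rmdir(div_dir);
    div_dir[0] = '\0';
    return r;
}
```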