Date: Tue, 24 Apr 2001 03:08:08 -0700 From: Kris Kennaway <kris@obsecurity.org> To: audit@FreeBSD.org, pst@FreeBSD.org, bug-gnats@gnu.org Subject: GNATS tempfile patch Message-ID: <20010424030808.A79902@xor.obsecurity.org>
next in thread | raw e-mail | index | archive | help
--4Ckj6UjgE2iN1+kY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I got pissed off with the GNATS port creating all sorts of stupid tempfiles; here's part 1 of the fix (part 2 is to fix the .c files to use mkstemp() instead of mktemp()). Please review. Kris --- gnats/gnats-edit-pr.sh.orig Tue Apr 20 14:17:07 1999 +++ gnats/gnats-edit-pr.sh Tue Apr 24 02:42:11 2001 @@ -247,7 +247,7 @@ -e '/^X-GNATS-Notify:/,$b' \ $new.old`" =20 -change_msg=3D/tmp/ed_pr_ch$$ +change_msg=3D`mktemp -t ed_pr_ch` || exit 1 =20 # the following could stand to be cleaned up... if [ "$old_state" !=3D "$new_state" ]; then diff -ruN ../work/gnats-3.113/contrib/prmon ./contrib/prmon --- ../work/gnats-3.113/contrib/prmon Thu Nov 5 11:54:11 1998 +++ ./contrib/prmon Tue Apr 24 02:52:09 2001 @@ -103,15 +103,10 @@ =20 hostname=3D$(hostname) =20 - tmpdir=3D"/tmp/${progname}$$" - while [ -e "${tmpdir}" ]; do - tmpdir=3D"/tmp${progname}${RANDOM}" - done + tmpdir=3D`mktemp -d -t ${progname}` || exit 1 =20 TRAP_SIGNALS=3D"EXIT SIGHUP SIGINT SIGQUIT SIGTERM" trap 'cleanup_and_exit' ${TRAP_SIGNALS} - - mkdir ${tmpdir} || exit 1 } =20 function parse_command_args () @@ -145,7 +140,7 @@ =20 # Redirect all of stderr to a tmp file which we can mail # later.=20 - stderr_file=3D"/tmp/${progname}.stderr$$" + stderr_file=3D`mktemp -t ${progname}.stderr` || exit 1 exec 2> "${stderr_file}" ;; z-h* | z--help | z--h* ) diff -ruN ../work/gnats-3.113/gnats/check-db.sh ./gnats/check-db.sh --- ../work/gnats-3.113/gnats/check-db.sh Fri Feb 26 09:16:55 1999 +++ ./gnats/check-db.sh Tue Apr 24 02:54:53 2001 @@ -40,8 +40,8 @@ MAIL_AGENT=3D"xMAIL_AGENTx" =20 PATH=3D${LIBEXECDIR}:/usr/local/bin:/bin:/usr/bin; export PATH -TMPDIR=3D${TMPDIR-/tmp} -TMPFILE=3D$TMPDIR/gnats-check-db-$$ +TMPFILE=3D`mktemp -t gnats-check-db` || exit 1 +trap "rm -f $TMPFILE; exit 1" 1 2 3 5 10 13 15 =20 #=20 # First, try to lock the database diff -ruN ../work/gnats-3.113/gnats/delete-pr.sh ./gnats/delete-pr.sh --- ../work/gnats-3.113/gnats/delete-pr.sh Fri Feb 26 09:16:55 1999 +++ ./gnats/delete-pr.sh Tue Apr 24 02:56:33 2001 @@ -68,13 +68,13 @@ do =20 =20 - -trap 'rm -f /tmp/user$$ $INDEX.$$; exit 0' 0 +userfile=3D`mktemp -t user` || exit 1 +trap 'rm -f $userfile $INDEX.$$; exit 0' 0 trap 'if [ "$locked" !=3D "" ]; then \ $PR_EDIT --unlock $full_id ; \ locked=3D ; \ fi ; \ - rm -f /tmp/user$$ $INDEX.$$; exit 1' 1 2 3 13 15 + rm -f $userfile $INDEX.$$; exit 1' 1 2 3 13 15 =20 # check $full_id pr=3D$GNATS_ROOT/$full_id # pr =3D full path of editee @@ -116,16 +116,16 @@ # now we have a valid $full_id.. use its full path =20 # lock the pr -$PR_EDIT --lock $me $full_id 2> /tmp/user$$ +$PR_EDIT --lock $me $full_id 2> $userfile locked=3Dt =20 -if [ -s /tmp/user$$ ]; then - if [ "`grep exists /tmp/user$$`" =3D "" ]; then - echo "edit-pr: PR $full_id is locked by `sed 's/.*by //g' /tmp/user$$`" +if [ -s $userfile ]; then + if [ "`grep exists $userfile`" =3D "" ]; then + echo "edit-pr: PR $full_id is locked by `sed 's/.*by //g' $userfile`" else echo "edit-pr: GNATS is presently locked, try again in a moment" fi - rm -f /tmp/user$$ + rm -f $userfile exit 1 fi =20 diff -ruN ../work/gnats-3.113/gnats/gnats-edit-pr.sh ./gnats/gnats-edit-pr.= sh --- ../work/gnats-3.113/gnats/gnats-edit-pr.sh Tue Apr 24 03:01:07 2001 +++ ./gnats/gnats-edit-pr.sh Tue Apr 24 02:54:08 2001 @@ -174,7 +174,7 @@ fi =20 # new =3D temp file to use for editing -new=3D"/tmp/ep$$" +new=3D`mktemp -t ep` || exit 1 =20 # lock the pr $debug_print "Locking $pr_id." diff -ruN ../work/gnats-3.113/gnats/mail-query.sh ./gnats/mail-query.sh --- ../work/gnats-3.113/gnats/mail-query.sh Thu Nov 5 11:54:10 1998 +++ ./gnats/mail-query.sh Tue Apr 24 02:57:49 2001 @@ -46,7 +46,8 @@ [ "$header" =3D "Subject" ] && args=3D"$contents" done =20 -mail=3D/tmp/query$$ +mail=3D`mktemp -t query` || exit 1 +trap "rm -f $mail; exit 1" 1 2 3 5 10 13 15 =20 exec 3>&1 4>&2 > $mail 2>&1 =20 diff -ruN ../work/gnats-3.113/send-pr/install-sid.sh ./send-pr/install-sid.= sh --- ../work/gnats-3.113/send-pr/install-sid.sh Thu Nov 5 11:54:07 1998 +++ ./send-pr/install-sid.sh Tue Apr 24 02:58:27 2001 @@ -28,7 +28,8 @@ BINDIR=3DxBINDIRx =20 SUBMITTER=3D -TEMP=3D/tmp/sp$$ +TEMP=3D`mktemp -t sp` || exit 1 +trap "rm -f $TEMP; exit 1" 1 2 3 5 10 13 15 =20 if [ $# -eq 0 ]; then echo "$USAGE" diff -ruN ../work/gnats-3.113/send-pr/send-pr.sh ./send-pr/send-pr.sh --- ../work/gnats-3.113/send-pr/send-pr.sh Tue Apr 20 14:17:06 1999 +++ ./send-pr/send-pr.sh Tue Apr 24 03:00:19 2001 @@ -75,17 +75,10 @@ =20 #=0C =20 -if [ -z "$TMPDIR" ]; then - TMPDIR=3D/tmp -else - if [ "`echo $TMPDIR | grep '/$'`" !=3D "" ]; then - TMPDIR=3D"`echo $TMPDIR | sed -e 's,/$,,'`" - fi -fi - -TEMP=3D$TMPDIR/p$$ -BAD=3D$TMPDIR/pbad$$ -REF=3D$TMPDIR/pf$$ +TEMP=3D`mktemp -t p` || exit 1 +BAD=3D`mktemp -t pbad` || exit 1 +REF=3D`mktemp -t pf` || exit 1 +trap "rm -f $TEMP $BAD $REF; exit 1" 1 2 3 5 10 13 15 =20 # find a user name if [ "$LOGNAME" =3D "" ]; then --4Ckj6UjgE2iN1+kY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE65VCHWry0BWjoQKURApEqAKCC+Q/V9KHIgQCJRSuXaGY/uUu7MQCgurlp qk79/Pix7DgBXMDMRdRElW8= =TeJL -----END PGP SIGNATURE----- --4Ckj6UjgE2iN1+kY-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010424030808.A79902>