From owner-freebsd-audit Tue May 8 17: 5:10 2001 Delivered-To: freebsd-audit@freebsd.org Received: from nebula.cybercable.fr (d189.dhcp212-126.cybercable.fr [212.198.126.189]) by hub.freebsd.org (Postfix) with ESMTP id F3B4C37B422 for ; Tue, 8 May 2001 17:04:51 -0700 (PDT) (envelope-from mux@qualys.com) Received: (from mux@localhost) by nebula.cybercable.fr (8.11.3/8.11.3) id f4904oj42592 for audit@FreeBSD.org; Wed, 9 May 2001 02:04:50 +0200 (CEST) (envelope-from mux) Date: Wed, 9 May 2001 02:04:50 +0200 From: Maxime Henrion To: audit@FreeBSD.org Subject: binutils patch from OpenBSD Message-ID: <20010509020450.A38094@nebula.cybercable.fr> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="gBBFr7Ir9EOA20Yy" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --gBBFr7Ir9EOA20Yy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, Here is some more stuff merged from OpenBSD. It avoids calls to insecure choose_temp_base() and changes the make_tempname() interface so that it's able to create either files or directories. It also makes this new interface call the secure mkdtemp() and mkstemp() functions if available. Maxime -- Don't be fooled by cheap finnish imitations ; BSD is the One True Code Key fingerprint = F9B6 1D5A 4963 331C 88FC CA6A AB50 1EF2 8CBE 99D6 Public Key : http://www.epita.fr/~henrio_m/ --gBBFr7Ir9EOA20Yy Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="binutils.diff" diff -c /usr/src/contrib/binutils/binutils/ar.c binutils/ar.c *** /usr/src/contrib/binutils/binutils/ar.c Fri Jul 7 15:34:11 2000 --- binutils/ar.c Wed May 9 01:18:30 2001 *************** *** 1064,1070 **** old_name = xmalloc (strlen (bfd_get_filename (iarch)) + 1); strcpy (old_name, bfd_get_filename (iarch)); ! new_name = make_tempname (old_name); output_filename = new_name; --- 1064,1070 ---- old_name = xmalloc (strlen (bfd_get_filename (iarch)) + 1); strcpy (old_name, bfd_get_filename (iarch)); ! new_name = make_tempname (old_name, 0); output_filename = new_name; diff -c /usr/src/contrib/binutils/binutils/bucomm.c binutils/bucomm.c *** /usr/src/contrib/binutils/binutils/bucomm.c Fri Jul 7 15:34:12 2000 --- binutils/bucomm.c Wed May 9 01:36:05 2001 *************** *** 208,224 **** /* Return the name of a temporary file in the same directory as FILENAME. */ char * ! make_tempname (filename) char *filename; { static char template[] = "stXXXXXX"; char *tmpname; char *slash = strrchr (filename, '/'); #ifdef HAVE_DOS_BASED_FILE_SYSTEM { /* We could have foo/bar\\baz, or foo\\bar, or d:bar. */ char *bslash = strrchr (filename, '\\'); if (bslash > slash) slash = bslash; if (slash == NULL && filename[0] != '\0' && filename[1] == ':') --- 208,228 ---- /* Return the name of a temporary file in the same directory as FILENAME. */ char * ! make_tempname (filename, isdir) char *filename; + int isdir; { static char template[] = "stXXXXXX"; char *tmpname; char *slash = strrchr (filename, '/'); + char c; + int fd; #ifdef HAVE_DOS_BASED_FILE_SYSTEM { /* We could have foo/bar\\baz, or foo\\bar, or d:bar. */ char *bslash = strrchr (filename, '\\'); + if (bslash > slash) slash = bslash; if (slash == NULL && filename[0] != '\0' && filename[1] == ':') *************** *** 228,235 **** if (slash != (char *) NULL) { - char c; - c = *slash; *slash = 0; tmpname = xmalloc (strlen (filename) + sizeof (template) + 2); --- 232,237 ---- *************** *** 243,257 **** #endif strcat (tmpname, "/"); strcat (tmpname, template); - mktemp (tmpname); - *slash = c; } else { tmpname = xmalloc (sizeof (template)); strcpy (tmpname, template); mktemp (tmpname); } return tmpname; } --- 245,286 ---- #endif strcat (tmpname, "/"); strcat (tmpname, template); } else { tmpname = xmalloc (sizeof (template)); strcpy (tmpname, template); + } + + if (isdir) + { + #ifdef HAVE_MKDTEMP + if (mkdtemp (tmpname) != (char *) NULL) + #else mktemp (tmpname); + #if defined (_WIN32) && !defined (__CYGWIN32__) + if (mkdir (tmpname) != 0) + #else + if (mkdir (tmpname, 0700) != 0) + #endif + #endif + tmpname = NULL; } + else + { + #ifdef HAVE_MKSTEMP + fd = mkstemp (tmpname); + if (fd == -1) + tmpname = NULL; + else + close (fd); + #else + mktemp (tmpname); + #endif + } + if (slash != (char *) NULL) + *slash = c; + return tmpname; } diff -c /usr/src/contrib/binutils/binutils/bucomm.h binutils/bucomm.h *** /usr/src/contrib/binutils/binutils/bucomm.h Fri Jul 7 15:34:12 2000 --- binutils/bucomm.h Wed May 9 01:37:18 2001 *************** *** 167,173 **** void print_arelt_descr PARAMS ((FILE *file, bfd *abfd, boolean verbose)); ! char *make_tempname PARAMS ((char *)); bfd_vma parse_vma PARAMS ((const char *, const char *)); --- 167,173 ---- void print_arelt_descr PARAMS ((FILE *file, bfd *abfd, boolean verbose)); ! char *make_tempname PARAMS ((char *, int)); bfd_vma parse_vma PARAMS ((const char *, const char *)); diff -c /usr/src/contrib/binutils/binutils/dlltool.c binutils/dlltool.c *** /usr/src/contrib/binutils/binutils/dlltool.c Fri Jul 7 15:34:17 2000 --- binutils/dlltool.c Wed May 9 01:40:57 2001 *************** *** 1117,1123 **** --- 1117,1127 ---- int i; const char **argv; char *errmsg_fmt, *errmsg_arg; + #if defined (__MSDOS__) && !defined (__GO32__) char *temp_base = choose_temp_base (); + #else + char *temp_base = NULL; + #endif inform ("run: %s %s", what, args); diff -c /usr/src/contrib/binutils/binutils/dllwrap.c binutils/dllwrap.c *** /usr/src/contrib/binutils/binutils/dllwrap.c Fri Jul 7 07:33:30 2000 --- binutils/dllwrap.c Wed May 9 01:42:56 2001 *************** *** 392,398 **** int i; const char **argv; char *errmsg_fmt, *errmsg_arg; ! char *temp_base = choose_temp_base (); int in_quote; char sep; --- 392,402 ---- int i; const char **argv; char *errmsg_fmt, *errmsg_arg; ! #if defined (__MSDOS__) && !defined (__GO32__) ! char *temp_base = choose_temp_base (); ! #else ! char *temp_base = NULL; ! #endif int in_quote; char sep; *************** *** 834,845 **** if (! def_file_seen) { ! char *fileprefix = choose_temp_base (); ! def_file_name = (char *) xmalloc (strlen (fileprefix) + 5); ! sprintf (def_file_name, "%s.def", ! (dontdeltemps) ? mybasename (fileprefix) : fileprefix); ! delete_def_file = 1; ! free (fileprefix); delete_def_file = 1; warn (_("no export definition file provided")); warn (_("creating one, but that may not be what you want")); --- 838,846 ---- if (! def_file_seen) { ! def_file_name = make_temp_file (".def"); ! if (dontdeltemps) ! def_file_name = mybasename (def_file_name); delete_def_file = 1; warn (_("no export definition file provided")); warn (_("creating one, but that may not be what you want")); *************** *** 1022,1033 **** if (! base_file_name) { ! char *fileprefix = choose_temp_base (); ! base_file_name = (char *) xmalloc (strlen (fileprefix) + 6); ! sprintf (base_file_name, "%s.base", ! (dontdeltemps) ? mybasename (fileprefix) : fileprefix); delete_base_file = 1; - free (fileprefix); } { --- 1023,1032 ---- if (! base_file_name) { ! base_file_name = make_temp_file (".base"); ! if (dontdeltemps) ! base_file_name = mybasename (base_file_name); delete_base_file = 1; } { diff -c /usr/src/contrib/binutils/binutils/objcopy.c binutils/objcopy.c *** /usr/src/contrib/binutils/binutils/objcopy.c Sat Nov 25 14:01:33 2000 --- binutils/objcopy.c Wed May 9 01:39:14 2001 *************** *** 1071,1084 **** } *list, *l; bfd **ptr = &obfd->archive_head; bfd *this_element; ! char *dir = make_tempname (bfd_get_filename (obfd)); /* Make a temp directory to hold the contents. */ ! #if defined (_WIN32) && !defined (__CYGWIN32__) ! if (mkdir (dir) != 0) ! #else ! if (mkdir (dir, 0700) != 0) ! #endif { fatal (_("cannot mkdir %s for archive copying (error: %s)"), dir, strerror (errno)); --- 1071,1080 ---- } *list, *l; bfd **ptr = &obfd->archive_head; bfd *this_element; ! char *dir = make_tempname (bfd_get_filename (obfd), 1); /* Make a temp directory to hold the contents. */ ! if (dir == (char *) NULL) { fatal (_("cannot mkdir %s for archive copying (error: %s)"), dir, strerror (errno)); *************** *** 1761,1767 **** if (output_file != NULL) tmpname = output_file; else ! tmpname = make_tempname (argv[i]); status = 0; copy_file (argv[i], tmpname, input_target, output_target); --- 1757,1763 ---- if (output_file != NULL) tmpname = output_file; else ! tmpname = make_tempname (argv[i], 0); status = 0; copy_file (argv[i], tmpname, input_target, output_target); *************** *** 2166,2172 **** if (output_filename == (char *) NULL) { ! char *tmpname = make_tempname (input_filename); copy_file (input_filename, tmpname, input_target, output_target); if (status == 0) --- 2162,2168 ---- if (output_filename == (char *) NULL) { ! char *tmpname = make_tempname (input_filename, 0); copy_file (input_filename, tmpname, input_target, output_target); if (status == 0) diff -c /usr/src/contrib/binutils/binutils/objdump.c binutils/objdump.c *** /usr/src/contrib/binutils/binutils/objdump.c Sat Nov 25 14:01:33 2000 --- binutils/objdump.c Wed May 9 01:15:02 2001 *************** *** 2631,2637 **** char *dummy_name; int t; ! dummy_name = choose_temp_base (); for (t = 0; bfd_target_vector[t]; t++) { bfd_target *p = bfd_target_vector[t]; --- 2631,2637 ---- char *dummy_name; int t; ! dummy_name = make_temp_file (NULL); for (t = 0; bfd_target_vector[t]; t++) { bfd_target *p = bfd_target_vector[t]; *************** *** 2685,2691 **** printf ("%s ", bfd_target_vector[t]->name); putchar ('\n'); ! dummy_name = choose_temp_base (); for (a = (int) bfd_arch_obscure + 1; a < (int) bfd_arch_last; a++) if (strcmp (bfd_printable_arch_mach (a, 0), "UNKNOWN!") != 0) { --- 2685,2691 ---- printf ("%s ", bfd_target_vector[t]->name); putchar ('\n'); ! dummy_name = make_temp_file (NULL); for (a = (int) bfd_arch_obscure + 1; a < (int) bfd_arch_last; a++) if (strcmp (bfd_printable_arch_mach (a, 0), "UNKNOWN!") != 0) { Common subdirectories: /usr/src/contrib/binutils/binutils/po and binutils/po diff -c /usr/src/contrib/binutils/binutils/resrc.c binutils/resrc.c *** /usr/src/contrib/binutils/binutils/resrc.c Fri Jul 7 15:34:26 2000 --- binutils/resrc.c Wed May 9 01:44:39 2001 *************** *** 185,191 **** --- 185,195 ---- int i; const char **argv; char *errmsg_fmt, *errmsg_arg; + #if defined (__MSDOS__) && !defined (__GO32__) char *temp_base = choose_temp_base (); + #else + char *temp_base = NULL; + #endif int in_quote; char sep; int redir_handle = -1; *************** *** 297,308 **** { if (istream_type == ISTREAM_FILE) { ! char *fileprefix; ! ! fileprefix = choose_temp_base (); ! cpp_temp_file = (char *) xmalloc (strlen (fileprefix) + 5); ! sprintf (cpp_temp_file, "%s.irc", fileprefix); ! free (fileprefix); if (run_cmd (cmd, cpp_temp_file)) fatal (_("can't execute `%s': %s"), cmd, strerror (errno)); --- 301,307 ---- { if (istream_type == ISTREAM_FILE) { ! cpp_temp_file = make_temp_file (".irc"); if (run_cmd (cmd, cpp_temp_file)) fatal (_("can't execute `%s': %s"), cmd, strerror (errno)); --gBBFr7Ir9EOA20Yy-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message