Date: Wed, 25 Apr 2001 02:37:40 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Kris Kennaway <kris@obsecurity.org> Cc: audit@FreeBSD.ORG, pst@FreeBSD.ORG, bug-gnats@gnu.org Subject: Re: GNATS tempfile patch Message-ID: <20010425023740.C54713@xor.obsecurity.org> In-Reply-To: <20010424030808.A79902@xor.obsecurity.org>; from kris@obsecurity.org on Tue, Apr 24, 2001 at 03:08:08AM -0700 References: <20010424030808.A79902@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
..and here's part II, fixing the C code to use mkstemp() if available,
instead of mktemp(). Please review, etc.
Kris
--- gnats/cmds.c.orig Wed Mar 17 15:45:36 1999
+++ gnats/cmds.c Wed Apr 25 02:24:59 2001
@@ -121,19 +121,33 @@
char *buf, *tmpdir;
MsgType r;
int i;
+#ifdef HAVE_MKSTEMP
+ int fd;
+#endif
tmpdir = getenv ("TMPDIR");
if (tmpdir == NULL)
tmpdir = "/tmp"; /* XXX */
-#ifdef HAVE_MKTEMP
+#if defined(HAVE_MKSTEMP) || defined(HAVE_MKTEMP)
sprintf (path, "%s/gnatsXXXXXX", tmpdir);
+#endif
+#ifdef HAVE_MKSTEMP
+ if ((fd = mkstemp (path)) == -1)
+ goto die;
+#else
+#ifdef HAVE_MKTEMP
mktemp (path);
#else
tmpnam (name);
strcpy (path, name);
#endif
+#endif
+#ifdef HAVE_MKSTEMP
+ if ((tf = fdopen (fd, "w")) == (FILE *) NULL)
+#else
if ((tf = fopen (path, "w")) == (FILE *) NULL)
+#endif
{
/* give error that we can't create the temp and leave. */
xfree (path);
--- gnats/internal.c.orig Tue Mar 2 16:18:53 1999
+++ gnats/internal.c Wed Apr 25 02:24:45 2001
@@ -36,20 +36,38 @@
char name[L_tmpnam];
#endif
Index *i;
+#ifdef HAVE_MKSTEMP
+ int fd;
+#endif
-#ifdef HAVE_MKTEMP
+#if defined(HAVE_MKTEMP) || defined(HAVE_MKSTEMP)
workfile = (char *) xmalloc (strlen (gnats_root) +
strlen ("/gnats-adm/indXXXXXX") +
1 /* null */ );
sprintf (workfile, "%s/gnats-adm/indXXXXXX", gnats_root);
+#endif
+#ifdef HAVE_MKSTEMP
+ if ((fd = mkstemp (workfile)) == -1) {
+ fprintf (stderr, "%s: can't open the temporary file\n",
+ program_name);
+ xfree (workfile);
+ return;
+ }
+#else
+#ifdef HAVE_MKTEMP
mktemp (workfile);
#else
workfile = (char *) xmalloc (L_tmpnam);
tmpnam (name);
strcpy (workfile, name);
#endif
+#endif
+#ifdef HAVE_MKSTEMP
+ fp = fdopen (fd, "w");
+#else
fp = fopen (workfile, "w");
+#endif
if (fp == NULL)
{
fprintf (stderr, "%s: can't open the temporary file %s\n",
--- gnats/autoconf.h.in.orig Thu Nov 5 11:54:09 1998
+++ gnats/autoconf.h.in Wed Apr 25 02:24:07 2001
@@ -60,8 +60,13 @@
/* Define if you have the mkdir function. */
#undef HAVE_MKDIR
+/* Define if you have the mkstemp function. */
+#undef HAVE_MKSTEMP
+
/* Define if you have the mktemp function. */
+#ifndef HAVE_MKSTEMP
#undef HAVE_MKTEMP
+#endif
/* Define if you have the <dirent.h> header file. */
#undef HAVE_DIRENT_H
--- gnats/configure.orig Wed Apr 25 02:22:53 2001
+++ gnats/configure Wed Apr 25 02:22:59 2001
@@ -1831,7 +1831,7 @@
fi
done
-for ac_func in ftime mkdir mktemp
+for ac_func in ftime mkdir mktemp mkstemp
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
echo "configure:1838: checking for $ac_func" >&5
diff -ruN gnats-3.113/gnats/configure.in work/gnats-3.113/gnats/configure.in
--- gnats-3.113/gnats/configure.in Thu Nov 5 11:54:10 1998
+++ gnats/configure.in Wed Apr 25 02:13:34 2001
@@ -54,7 +54,7 @@
AC_CHECK_LIB(gen, main)
AC_STDC_HEADERS
AC_HAVE_HEADERS(string.h fcntl.h limits.h syslog.h memory.h netdb.h unistd.h sys/select.h machine/endian.h)
-AC_HAVE_FUNCS(ftime mkdir mktemp)
+AC_HAVE_FUNCS(ftime mkdir mkstemp mktemp)
AC_HEADER_DIRENT
AC_SIZE_T
AC_LISPDIR
--- gnats/queue-pr.c.orig Wed Nov 25 06:15:20 1998
+++ gnats/queue-pr.c Wed Apr 25 02:32:29 2001
@@ -247,15 +247,22 @@
tmpdir = getenv ("TMPDIR");
if (tmpdir == NULL)
tmpdir = "/tmp"; /* FIXME */
-#ifdef HAVE_MKTEMP
+#if defined(HAVE_MKSTEMP) || defined(HAVE_MKTEMP)
sprintf (bug_file, "%s/gnatsXXXXXX", tmpdir);
+#endif
+
+#ifdef HAVE_MKSTEMP
+ fd[1] = mkstemp(bug_file);
+#else
+#ifdef HAVE_MKTEMP
mktemp (bug_file);
#else
tmpnam (name);
strcpy (bug_file, name);
#endif
-
fd[1] = open (bug_file, O_WRONLY|O_CREAT, 0664);
+#endif
+
if (fd[1] < 0)
punt (1, "%s: can't open queue file %s for writing: %s\n",
program_name, bug_file, strerror (errno));
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE65prkWry0BWjoQKURAglOAKCDKT9R0w7DDypxA0qhMD1XoVM4wQCg6yj5
GOWLpaWQAAImno5ldOcwWCg=
=RI7n
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010425023740.C54713>