Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 25 Apr 2001 02:37:40 -0700
From:      Kris Kennaway <kris@obsecurity.org>
To:        Kris Kennaway <kris@obsecurity.org>
Cc:        audit@FreeBSD.ORG, pst@FreeBSD.ORG, bug-gnats@gnu.org
Subject:   Re: GNATS tempfile patch
Message-ID:  <20010425023740.C54713@xor.obsecurity.org>
In-Reply-To: <20010424030808.A79902@xor.obsecurity.org>; from kris@obsecurity.org on Tue, Apr 24, 2001 at 03:08:08AM -0700
References:  <20010424030808.A79902@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--sHrvAb52M6C8blB9
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

=2E.and here's part II, fixing the C code to use mkstemp() if available,
instead of mktemp().  Please review, etc.

Kris

--- gnats/cmds.c.orig	Wed Mar 17 15:45:36 1999
+++ gnats/cmds.c	Wed Apr 25 02:24:59 2001
@@ -121,19 +121,33 @@
   char *buf, *tmpdir;
   MsgType r;
   int i;
+#ifdef HAVE_MKSTEMP
+  int fd;
+#endif
=20
   tmpdir =3D getenv ("TMPDIR");
   if (tmpdir =3D=3D NULL)
     tmpdir =3D "/tmp"; /* XXX */
-#ifdef HAVE_MKTEMP
+#if defined(HAVE_MKSTEMP) || defined(HAVE_MKTEMP)
   sprintf (path, "%s/gnatsXXXXXX", tmpdir);
+#endif
+#ifdef HAVE_MKSTEMP
+  if ((fd =3D mkstemp (path)) =3D=3D -1)
+    goto die;
+#else
+#ifdef HAVE_MKTEMP
   mktemp (path);
 #else
   tmpnam (name);
   strcpy (path, name);
 #endif
+#endif
=20
+#ifdef HAVE_MKSTEMP
+  if ((tf =3D fdopen (fd, "w")) =3D=3D (FILE *) NULL)
+#else
   if ((tf =3D fopen (path, "w")) =3D=3D (FILE *) NULL)
+#endif
     {
       /* give error that we can't create the temp and leave. */
       xfree (path);
--- gnats/internal.c.orig	Tue Mar  2 16:18:53 1999
+++ gnats/internal.c	Wed Apr 25 02:24:45 2001
@@ -36,20 +36,38 @@
   char name[L_tmpnam];
 #endif
   Index *i;
+#ifdef HAVE_MKSTEMP
+  int fd;
+#endif
=20
-#ifdef HAVE_MKTEMP
+#if defined(HAVE_MKTEMP) || defined(HAVE_MKSTEMP)
   workfile =3D (char *) xmalloc (strlen (gnats_root) +
 			       strlen ("/gnats-adm/indXXXXXX") +
 			       1 /* null */ );
   sprintf (workfile, "%s/gnats-adm/indXXXXXX", gnats_root);
+#endif
+#ifdef HAVE_MKSTEMP
+  if ((fd =3D mkstemp (workfile)) =3D=3D -1) {
+      fprintf (stderr, "%s: can't open the temporary file\n",
+               program_name);
+      xfree (workfile);
+      return;
+  }
+#else
+#ifdef HAVE_MKTEMP
   mktemp (workfile);
 #else
   workfile =3D (char *) xmalloc (L_tmpnam);
   tmpnam (name);
   strcpy (workfile, name);
 #endif
+#endif
=20
+#ifdef HAVE_MKSTEMP
+  fp =3D fdopen (fd, "w");
+#else
   fp =3D fopen (workfile, "w");
+#endif
   if (fp =3D=3D NULL)
     {
       fprintf (stderr, "%s: can't open the temporary file %s\n",
--- gnats/autoconf.h.in.orig	Thu Nov  5 11:54:09 1998
+++ gnats/autoconf.h.in	Wed Apr 25 02:24:07 2001
@@ -60,8 +60,13 @@
 /* Define if you have the mkdir function.  */
 #undef HAVE_MKDIR
=20
+/* Define if you have the mkstemp function.  */
+#undef HAVE_MKSTEMP
+
 /* Define if you have the mktemp function.  */
+#ifndef HAVE_MKSTEMP
 #undef HAVE_MKTEMP
+#endif
=20
 /* Define if you have the <dirent.h> header file.  */
 #undef HAVE_DIRENT_H
--- gnats/configure.orig	Wed Apr 25 02:22:53 2001
+++ gnats/configure	Wed Apr 25 02:22:59 2001
@@ -1831,7 +1831,7 @@
 fi
 done
=20
-for ac_func in ftime mkdir mktemp
+for ac_func in ftime mkdir mktemp mkstemp
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
 echo "configure:1838: checking for $ac_func" >&5
diff -ruN gnats-3.113/gnats/configure.in work/gnats-3.113/gnats/configure.in
--- gnats-3.113/gnats/configure.in	Thu Nov  5 11:54:10 1998
+++ gnats/configure.in	Wed Apr 25 02:13:34 2001
@@ -54,7 +54,7 @@
 AC_CHECK_LIB(gen, main)
 AC_STDC_HEADERS
 AC_HAVE_HEADERS(string.h fcntl.h limits.h syslog.h memory.h netdb.h unistd=
.h sys/select.h machine/endian.h)
-AC_HAVE_FUNCS(ftime mkdir mktemp)
+AC_HAVE_FUNCS(ftime mkdir mkstemp mktemp)
 AC_HEADER_DIRENT
 AC_SIZE_T
 AC_LISPDIR
--- gnats/queue-pr.c.orig	Wed Nov 25 06:15:20 1998
+++ gnats/queue-pr.c	Wed Apr 25 02:32:29 2001
@@ -247,15 +247,22 @@
   tmpdir =3D getenv ("TMPDIR");
   if (tmpdir =3D=3D NULL)
     tmpdir =3D "/tmp"; /* FIXME */
-#ifdef HAVE_MKTEMP
+#if defined(HAVE_MKSTEMP) || defined(HAVE_MKTEMP)
   sprintf (bug_file, "%s/gnatsXXXXXX", tmpdir);
+#endif
+
+#ifdef HAVE_MKSTEMP
+  fd[1] =3D mkstemp(bug_file);
+#else
+#ifdef HAVE_MKTEMP
   mktemp (bug_file);
 #else
   tmpnam (name);
   strcpy (bug_file, name);
 #endif
- =20
   fd[1] =3D open (bug_file, O_WRONLY|O_CREAT, 0664);
+#endif
+ =20
   if (fd[1] < 0)
     punt (1, "%s: can't open queue file %s for writing: %s\n",
 	  program_name, bug_file, strerror (errno));


--sHrvAb52M6C8blB9
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE65prkWry0BWjoQKURAglOAKCDKT9R0w7DDypxA0qhMD1XoVM4wQCg6yj5
GOWLpaWQAAImno5ldOcwWCg=
=RI7n
-----END PGP SIGNATURE-----

--sHrvAb52M6C8blB9--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010425023740.C54713>