Fix unsafe tempfile creation. This file is already off the vendor

branch.  Although this problem has been reported to the GNU folks,
it's unlikely that any solution they may come up with will involve
the use of mktemp(1).

PR:		16942
Submitted by:	Colin Phipps <crp22@cam.ac.uk>
Sheldon Hearn 2000-04-03 09:49:49 +00:00
parent a890573afa
commit 26d052cf1c
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=58968


@ -73,12 +73,6 @@ fi
# #
[ -z "$TMPDIR" ] && TMPDIR=/tmp
TEMP=$TMPDIR/p$$
BAD=$TMPDIR/pbad$$
REF=$TMPDIR/pf$$
if [ -z "$LOGNAME" -a -n "$USER" ]; then if [ -z "$LOGNAME" -a -n "$USER" ]; then
LOGNAME=$USER LOGNAME=$USER
fi fi
@ -93,19 +87,21 @@ elif [ -f $HOME/.fullname ]; then
ORIGINATOR="`sed -e '1q' $HOME/.fullname`" ORIGINATOR="`sed -e '1q' $HOME/.fullname`"
elif [ -f /bin/domainname ]; then elif [ -f /bin/domainname ]; then
if [ "`/bin/domainname`" != "" -a -f /usr/bin/ypcat ]; then if [ "`/bin/domainname`" != "" -a -f /usr/bin/ypcat ]; then
PTEMP=`mktemp -t p` || exit 1
# Must use temp file due to incompatibilities in quoting behavior # Must use temp file due to incompatibilities in quoting behavior
# and to protect shell metacharacters in the expansion of $LOGNAME # and to protect shell metacharacters in the expansion of $LOGNAME
/usr/bin/ypcat passwd 2>/dev/null | cat - /etc/passwd | grep "^$LOGNAME:" | /usr/bin/ypcat passwd 2>/dev/null | cat - /etc/passwd | grep "^$LOGNAME:" |
cut -f5 -d':' | sed -e 's/,.*//' > $TEMP cut -f5 -d':' | sed -e 's/,.*//' > $PTEMP
ORIGINATOR="`cat $TEMP`" ORIGINATOR="`cat $PTEMP`"
rm -f $TEMP rm -f $PTEMP
fi fi
fi fi
if [ "$ORIGINATOR" = "" ]; then if [ "$ORIGINATOR" = "" ]; then
grep "^$LOGNAME:" /etc/passwd | cut -f5 -d':' | sed -e 's/,.*//' > $TEMP PTEMP=`mktemp -t p` || exit 1
ORIGINATOR="`cat $TEMP`" grep "^$LOGNAME:" /etc/passwd | cut -f5 -d':' | sed -e 's/,.*//' > $PTEMP
rm -f $TEMP ORIGINATOR="`cat $PTEMP`"
rm -f $PTEMP
fi fi
if [ -n "$ORGANIZATION" ]; then if [ -n "$ORGANIZATION" ]; then
@ -251,6 +247,9 @@ DESCRIPTION_C='<Precise description of the problem (multiple lines)>'
HOW_TO_REPEAT_C='<Code/input/activities to reproduce the problem (multiple lines)>' HOW_TO_REPEAT_C='<Code/input/activities to reproduce the problem (multiple lines)>'
FIX_C='<How to correct or work around the problem, if known (multiple lines)>' FIX_C='<How to correct or work around the problem, if known (multiple lines)>'
# Create temporary files, safely
REF=`mktemp -t pf` || exit 1
TEMP=`mktemp -t pf` || exit 1
# Catch some signals. ($xs kludge needed by Sun /bin/sh) # Catch some signals. ($xs kludge needed by Sun /bin/sh)
xs=0 xs=0
trap 'rm -f $REF $TEMP; exit $xs' 0 trap 'rm -f $REF $TEMP; exit $xs' 0
@ -482,6 +481,7 @@ while [ -z "$REQUEST_ID" ]; do
case "$input" in case "$input" in
a*) a*)
if [ -z "$BATCH" ]; then if [ -z "$BATCH" ]; then
BAD=`mktemp -t pbad`
echo "$COMMAND: the problem report remains in $BAD and is not sent." echo "$COMMAND: the problem report remains in $BAD and is not sent."
mv $TEMP $BAD mv $TEMP $BAD
else else
@ -542,6 +542,7 @@ if $MAIL_AGENT < $REF; then
else else
echo "$COMMAND: mysterious mail failure." echo "$COMMAND: mysterious mail failure."
if [ -z "$BATCH" ]; then if [ -z "$BATCH" ]; then
BAD=`mktemp -t pbad`
echo "$COMMAND: the problem report remains in $BAD and is not sent." echo "$COMMAND: the problem report remains in $BAD and is not sent."
mv $REF $BAD mv $REF $BAD
else else
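Review bot: Both new ``BAD=`mktemp -t pbad` `` assignments, in the abort arm of the hunk at -482 and in the mail-failure branch of the hunk at -542, ignore a mktemp failure, unlike the `|| exit 1` used for PTEMP, REF and TEMP. If mktemp fails, BAD is empty, the message names no file, and the unquoted `mv $TEMP $BAD` (or `mv $REF $BAD`) runs with a single operand and fails; the exit trap `rm -f $REF $TEMP` then removes the only copy of the report once the script exits. Check the result before announcing the path, for example ``if BAD=`mktemp -t pbad`; then`` around the echo and mv, with an else branch that reports the failure on stderr; a bare `|| exit 1` would still let the trap delete the report, so that branch probably needs to leave $TEMP or $REF in place and tell the user where it is. Both branches continue outside the visible hunks, so how the script exits after them is not shown here.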