From: Bdale Garbee Date: Wed, 11 Jan 2012 18:22:37 +0000 (-0700) Subject: fold in patch from Jim Paris for use of mkstemps to improve security X-Git-Tag: debian/2.3.1-5~1 X-Git-Url: https://git.gag.com/?p=debian%2Fas31;a=commitdiff_plain;h=fde89d92ac2177c0a375fd3721b64c09c3aec9b5 fold in patch from Jim Paris for use of mkstemps to improve security
---
diff --git a/debian/changelog b/debian/changelog
index ac23c36..d523b9e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ as31 (2.3.1-5) unstable; urgency=low * force regeneration of stale upstream parser.c to resolve "location counter overlaps" errors on 64-bit machines, closes: #655487 + * patch from Jim Paris to use mkstemps, closes: #655496 -- Bdale Garbee Wed, 11 Jan 2012 11:15:32 -0700
diff --git a/debian/patches/as31-mkstemps.patch b/debian/patches/as31-mkstemps.patch
new file mode 100644
index 0000000..688cb59
--- /dev/null
+++ b/debian/patches/as31-mkstemps.patch
@@ -0,0 +1,34 @@
+--- as31-2.3.1/as31/run.c 2005-09-05 12:32:42.000000000 -0400
++++ as31-2.3.1-fixed/as31/run.c 2012-01-11 12:30:19.000000000 -0500
+@@ -39,8 +39,8 @@
+ char *incLineBuffer=NULL;
+ int incSizeBuf=0;
+ FILE* includeFile=NULL;
++ int fd;
+
+- uid_t uid;
+ /* first, figure out all the file names */
+
+ dashl = lst;
+@@ -95,11 +95,18 @@
+ }
+ }
+
+- uid = geteuid();
+- sprintf(tmpName,"/tmp/as31-%i-%ld.asm",uid,random());
+- fin = fopen(tmpName, "w");
++ sprintf(tmpName,"/tmp/as31-XXXXXX.asm");
++ fd = mkstemps(tmpName, 4);
++ if (fd == -1) {
++ mesg_f("Cannot create temp file\n");
++ if (outfile) free(outfile);
++ if (lstfile) free(lstfile);
++ return -1;
++ }
++ fin = fdopen(fd, "w");
+ if (fin == NULL) {
+ mesg_f("Cannot open temp file: %s\n",tmpName);
++ close(fd);
+ if (outfile) free(outfile);
+ if (lstfile) free(lstfile);
+ return -1;
diff --git a/debian/patches/series b/debian/patches/series
index 70e7197..a3a6c63 100644
--- a/debian/patches/series
+++ b/debian/patches/series
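Review bot: The `fdopen` failure branch in the second inner hunk of `run.c` closes `fd` but leaves the file that `mkstemps` just created sitting in `/tmp`; adding `unlink(tmpName);` next to `close(fd);` would keep that error path from leaking an empty temp file. The `mkstemps` failure message also drops the cause, so `mesg_f("Cannot create temp file: %s\n", strerror(errno));` would make a full or unwritable `/tmp` diagnosable, assuming `errno.h` and `string.h` are available in that file. The enclosing function starts and ends outside both inner hunks, so the size of `tmpName` and whether the file is later reopened by path cannot be checked from here. If it is reopened by name, that later open is worth confirming against the same symlink and ownership concerns this patch addresses.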
@@ -1,2 +1,3 @@
 elide_errant_text
 regenerate_parser.c
+as31-mkstemps.patch