Blame SOURCES/a2ps-4.13-security.patch

8f1c6e
--- a2ps-4.13/lib/routines.c.security	Sat Oct 16 05:46:37 1999
8f1c6e
+++ a2ps-4.13/lib/routines.c	Mon Feb 12 17:45:15 2001
8f1c6e
@@ -242,3 +242,50 @@
8f1c6e
   /* Don't complain if you can't unlink.  Who cares of a tmp file? */
8f1c6e
   unlink (filename);
8f1c6e
 }
8f1c6e
+
8f1c6e
+/*
8f1c6e
+ * Securely generate a temp file, and make sure it gets
8f1c6e
+ * deleted upon exit.
8f1c6e
+ */
8f1c6e
+static char **	tempfiles;
8f1c6e
+static unsigned	ntempfiles;
8f1c6e
+
8f1c6e
+static void
8f1c6e
+cleanup_tempfiles()
8f1c6e
+{
8f1c6e
+	while (ntempfiles--)
8f1c6e
+		unlink(tempfiles[ntempfiles]);
8f1c6e
+}
8f1c6e
+
8f1c6e
+char *
8f1c6e
+safe_tempnam(const char *pfx)
8f1c6e
+{
8f1c6e
+	char	*dirname, *filename;
8f1c6e
+	int	fd;
8f1c6e
+
8f1c6e
+	if (!(dirname = getenv("TMPDIR")))
8f1c6e
+		dirname = "/tmp";
8f1c6e
+
8f1c6e
+	tempfiles = (char **) realloc(tempfiles,
8f1c6e
+			(ntempfiles+1) * sizeof(char *));
8f1c6e
+	if (tempfiles == NULL)
8f1c6e
+		return NULL;
8f1c6e
+
8f1c6e
+	filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
8f1c6e
+	if (!filename)
8f1c6e
+		return NULL;
8f1c6e
+
8f1c6e
+	sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
8f1c6e
+
8f1c6e
+	if ((fd = mkstemp(filename)) < 0) {
8f1c6e
+		free(filename);
8f1c6e
+		return NULL;
8f1c6e
+	}
8f1c6e
+	close(fd);
8f1c6e
+
8f1c6e
+	if (ntempfiles == 0)
8f1c6e
+		atexit(cleanup_tempfiles);
8f1c6e
+	tempfiles[ntempfiles++] = filename;
8f1c6e
+
8f1c6e
+	return filename;
8f1c6e
+}
8f1c6e
--- a2ps-4.13/lib/routines.h.security	Mon Oct 18 21:24:41 1999
8f1c6e
+++ a2ps-4.13/lib/routines.h	Mon Feb 12 17:39:30 2001
8f1c6e
@@ -255,7 +255,8 @@
8f1c6e
 /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
8f1c6e
 #define tempname_ensure(Str)				\
8f1c6e
 do {							\
8f1c6e
-  (Str) = (Str) ? (Str) : tempnam (NULL, "a2_");	\
8f1c6e
+  (Str) = (Str) ? (Str) : safe_tempnam("a2_");	\
8f1c6e
 } while (0)
8f1c6e
+char * safe_tempnam(const char *);
8f1c6e
 
8f1c6e
 #endif