| blob | 6797a947999b971b4329ae947681dd2bde04d283 |
1 https://sources.debian.org/data/main/a/a2ps/1:4.14-5/debian/patches/09_CVE-2001-1593.diff
3 Index: b/lib/routines.c
4 ===================================================================
5 --- a/lib/routines.c
6 +++ b/lib/routines.c
7 @@ -242,3 +242,50 @@
8 /* Don't complain if you can't unlink. Who cares of a tmp file? */
9 unlink (filename);
10 }
11 +
12 +/*
13 + * Securely generate a temp file, and make sure it gets
14 + * deleted upon exit.
15 + */
16 +static char ** tempfiles;
17 +static unsigned ntempfiles;
18 +
19 +static void
20 +cleanup_tempfiles()
21 +{
22 + while (ntempfiles--)
23 + unlink(tempfiles[ntempfiles]);
24 +}
25 +
26 +char *
27 +safe_tempnam(const char *pfx)
28 +{
29 + char *dirname, *filename;
30 + int fd;
31 +
32 + if (!(dirname = getenv("TMPDIR")))
33 + dirname = "/tmp";
34 +
35 + tempfiles = (char **) realloc(tempfiles,
36 + (ntempfiles+1) * sizeof(char *));
37 + if (tempfiles == NULL)
38 + return NULL;
39 +
40 + filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
41 + if (!filename)
42 + return NULL;
43 +
44 + sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
45 +
46 + if ((fd = mkstemp(filename)) < 0) {
47 + free(filename);
48 + return NULL;
49 + }
50 + close(fd);
51 +
52 + if (ntempfiles == 0)
53 + atexit(cleanup_tempfiles);
54 + tempfiles[ntempfiles++] = filename;
55 +
56 + return filename;
57 +}
58 Index: b/lib/routines.h
59 ===================================================================
60 --- a/lib/routines.h
61 +++ b/lib/routines.h
62 @@ -255,7 +255,8 @@
63 /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
64 #define tempname_ensure(Str) \
65 do { \
66 - (Str) = (Str) ? (Str) : tempnam (NULL, "a2_"); \
67 + (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \
68 } while (0)
69 +char * safe_tempnam(const char *);
71 #endif