components/mail/mpack/patches/patch-ab.patch

   1 $NetBSD: patch-ab,v 1.9 2012/01/10 21:09:55 tez Exp $
   2
   3 - Include fixes for modern Unix.
   4 - Don't try to use /usr/tmp.
   5 - Time handling fixes for NetBSD with 64-bit time_t.
   6 - Fix for CVE-2011-4919 (bad permissions on created files)
   7
   8 Upstream: as far as I know not actively maintained upstream.
   9
  10 --- unixos.c.orig       2003-07-21 20:54:05.000000000 +0000
  11 +++ unixos.c
  12 @@ -23,9 +23,11 @@
  13   * SOFTWARE.
  14   */
  15  #include <stdio.h>
  16 +#include <stdlib.h>
  17  #include <ctype.h>
  18  #include <string.h>
  19  #include <errno.h>
  20 +#include <time.h>
  21  #include <sys/types.h>
  22  #include <sys/param.h>
  23  #include <netdb.h>
  24 @@ -38,10 +40,6 @@
  25  #define MAXHOSTNAMELEN 64
  26  #endif
  27
  28 -extern int errno;
  29 -extern char *malloc();
  30 -extern char *getenv();
  31 -
  32  int overwrite_files = 0;
  33  int didchat;
  34
  35 @@ -76,7 +74,7 @@ char *os_genid(void)
  36      }
  37
  38      result = malloc(25+strlen(hostname));
  39 -    sprintf(result, "%d.%d@%s", pid, curtime++, hostname);
  40 +    sprintf(result, "%d.%lld@%s", pid, (long long) curtime++, hostname);
  41      return result;
  42  }
  43
  44 @@ -90,7 +88,11 @@ char *os_idtodir(char *id)
  45         strcpy(buf, getenv("TMPDIR"));
  46      }
  47      else {
  48 -       strcpy(buf, "/usr/tmp");
  49 +#if defined(P_tmpdir)
  50 +       strcpy(buf, P_tmpdir);
  51 +#else
  52 +       strcpy(buf, "/var/tmp");
  53 +#endif
  54      }
  55      strcat(buf, "/m-prts-");
  56      p = getenv("USER");
  57 @@ -137,9 +139,9 @@ FILE *os_createnewfile(char *fname)
  58      FILE *ret;
  59
  60  #ifdef O_EXCL
  61 -    fd=open(fname, O_RDWR|O_CREAT|O_EXCL, 0644);
  62 +    fd=open(fname, O_RDWR|O_CREAT|O_EXCL, 0600);
  63  #else
  64 -    fd=open(fname, O_RDWR|O_CREAT|O_TRUNC, 0644);
  65 +    fd=open(fname, O_RDWR|O_CREAT|O_TRUNC, 0600);
  66  #endif
  67
  68      if (fd == -1)