diff options
author | Kris Kennaway <kris@FreeBSD.org> | 2001-05-29 06:30:45 +0000 |
---|---|---|
committer | Kris Kennaway <kris@FreeBSD.org> | 2001-05-29 06:30:45 +0000 |
commit | 557c7a1c70ea2b9372d25a1bd2f68a725537c7d0 (patch) | |
tree | f6bbf6a598da74673e245482ebd348f730aaac0d /textproc/ispell | |
parent | There is no longer any reason to mark this port MANUAL_PACKAGE_BUILD: (diff) |
Create tempfiles securely. Bump PORTREVISION.
Submitted by: Jarno Huuskonen <Jarno.Huuskonen@uku.fi>
Notes
Notes:
svn path=/head/; revision=43228
Diffstat (limited to 'textproc/ispell')
-rw-r--r-- | textproc/ispell/Makefile | 2 | ||||
-rw-r--r-- | textproc/ispell/files/patch-sec1 | 40 |
2 files changed, 41 insertions, 1 deletions
diff --git a/textproc/ispell/Makefile b/textproc/ispell/Makefile index 7b3df2f68770..83e015f20eaa 100644 --- a/textproc/ispell/Makefile +++ b/textproc/ispell/Makefile @@ -7,7 +7,7 @@ PORTNAME?= ispell PORTVERSION?= 3.1.20c -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES+= textproc elisp MASTER_SITES= ftp://ftp.cs.ucla.edu/pub/ispell-3.1/ \ ftp://ftp.kiarchive.ru/pub/unix/text/ispell/ diff --git a/textproc/ispell/files/patch-sec1 b/textproc/ispell/files/patch-sec1 new file mode 100644 index 000000000000..24632fe5221c --- /dev/null +++ b/textproc/ispell/files/patch-sec1 @@ -0,0 +1,40 @@ +--- ispell.c-orig Thu May 24 14:52:00 2001 ++++ ispell.c Thu May 24 15:00:06 2001 +@@ -802,6 +802,7 @@ + { + struct stat statbuf; + char * cp; ++ int fd; + + currentfile = filename; + +@@ -835,15 +836,20 @@ + + (void) fstat (fileno (infile), &statbuf); + (void) strcpy (tempfile, TEMPNAME); +- if (mktemp (tempfile) == NULL || tempfile[0] == '\0' +- || (outfile = fopen (tempfile, "w")) == NULL) +- { +- (void) fprintf (stderr, CANT_CREATE, +- (tempfile == NULL || tempfile[0] == '\0') +- ? "temporary file" : tempfile); +- (void) sleep ((unsigned) 2); +- return; +- } ++ ++ if ((fd = mkstemp(tempfile)) == -1) { ++ fprintf(stderr, "Error: Can't create (mkstemp) temporary file\n"); ++ sleep(2); ++ return; ++ } ++ if ((outfile = fdopen(fd, "w")) == NULL) { ++ unlink(tempfile); ++ close(fd); ++ fprintf(stderr, "Error: Can't open (fdopen) temporary file\n"); ++ sleep(2); ++ return; ++ } ++ /* Is this necessary ? */ + (void) chmod (tempfile, statbuf.st_mode); + + quit = 0; |