Create tempfiles securely. Bump PORTREVISION.

Submitted by:   Jarno Huuskonen <Jarno.Huuskonen@uku.fi>

2 files changed, 41 insertions, 1 deletions

diff --git a/textproc/ispell/Makefile b/textproc/ispell/Makefile
index 7b3df2f68770..83e015f20eaa 100644
--- a/textproc/ispell/Makefile
+++ b/textproc/ispell/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME?=	ispell
 PORTVERSION?=	3.1.20c
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES+=	textproc elisp
 MASTER_SITES=	ftp://ftp.cs.ucla.edu/pub/ispell-3.1/ \
 		ftp://ftp.kiarchive.ru/pub/unix/text/ispell/
diff --git a/textproc/ispell/files/patch-sec1 b/textproc/ispell/files/patch-sec1
new file mode 100644
index 000000000000..24632fe5221c
--- /dev/null
+++ b/textproc/ispell/files/patch-sec1
@@ -0,0 +1,40 @@
+--- ispell.c-orig	Thu May 24 14:52:00 2001
++++ ispell.c	Thu May 24 15:00:06 2001
+@@ -802,6 +802,7 @@
+     {
+     struct stat	statbuf;
+     char *	cp;
++		int fd;
+ 
+     currentfile = filename;
+ 
+@@ -835,15 +836,20 @@
+ 
+     (void) fstat (fileno (infile), &statbuf);
+     (void) strcpy (tempfile, TEMPNAME);
+-    if (mktemp (tempfile) == NULL  ||  tempfile[0] == '\0'
+-      ||  (outfile = fopen (tempfile, "w")) == NULL)
+-	{
+-	(void) fprintf (stderr, CANT_CREATE,
+-	  (tempfile == NULL  ||  tempfile[0] == '\0')
+-	    ? "temporary file" : tempfile);
+-	(void) sleep ((unsigned) 2);
+-	return;
+-	}
++
++		if ((fd = mkstemp(tempfile)) == -1) {
++			fprintf(stderr, "Error: Can't create (mkstemp) temporary file\n");
++			sleep(2);
++			return;
++		}
++		if ((outfile = fdopen(fd, "w")) == NULL) {
++			unlink(tempfile);
++			close(fd);
++			fprintf(stderr, "Error: Can't open (fdopen) temporary file\n");
++			sleep(2);
++			return;
++		}
++		/* Is this necessary ? */
+     (void) chmod (tempfile, statbuf.st_mode);
+ 
+     quit = 0;