diff options
| author | dholland <dholland@pkgsrc.org> | 2008-06-01 21:46:37 +0000 |
|---|---|---|
| committer | dholland <dholland@pkgsrc.org> | 2008-06-01 21:46:37 +0000 |
| commit | 6580891cf31a76256a9a396450350792f0e7b738 (patch) | |
| tree | 4de30ea741897513c2484903d39abe38b17dbae8 /converters/uudeview | |
| parent | 54df6c22d7c3f2cb9e3c96139426a24537d4110b (diff) | |
| download | pkgsrc-6580891cf31a76256a9a396450350792f0e7b738.tar.gz | |
Fix insecure-temporary-files, as reported in Debian bug 480972.
PKGREVISION++.
Diffstat (limited to 'converters/uudeview')
| -rw-r--r-- | converters/uudeview/Makefile | 4 | ||||
| -rw-r--r-- | converters/uudeview/distinfo | 3 | ||||
| -rw-r--r-- | converters/uudeview/patches/patch-ac | 42 |
3 files changed, 46 insertions, 3 deletions
diff --git a/converters/uudeview/Makefile b/converters/uudeview/Makefile index 89551f0fc61..2e1c70fc8b6 100644 --- a/converters/uudeview/Makefile +++ b/converters/uudeview/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.27 2007/02/22 19:26:15 wiz Exp $ +# $NetBSD: Makefile,v 1.28 2008/06/01 21:49:56 dholland Exp $ # DISTNAME= uudeview-0.5.20 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= converters MASTER_SITES= http://www.fpx.de/fp/Software/UUDeview/download/ diff --git a/converters/uudeview/distinfo b/converters/uudeview/distinfo index 74e21c16797..d2cf2ce47a8 100644 --- a/converters/uudeview/distinfo +++ b/converters/uudeview/distinfo @@ -1,7 +1,8 @@ -$NetBSD: distinfo,v 1.7 2005/02/23 16:12:35 agc Exp $ +$NetBSD: distinfo,v 1.8 2008/06/01 21:49:56 dholland Exp $ SHA1 (uudeview-0.5.20.tar.gz) = 2c6ab7d355b545218bd0877d598bd5327d9fd125 RMD160 (uudeview-0.5.20.tar.gz) = 9bb52fa3ad4979383ff16d1e8d8a302c5c794c66 Size (uudeview-0.5.20.tar.gz) = 261574 bytes SHA1 (patch-aa) = bf7e281b7e0e2ceae6bc8c19c9e64cdb7d5a9d64 SHA1 (patch-ab) = bdd62a84d0f62c697dd4440df861c343ffeb683a +SHA1 (patch-ac) = 2ae6579816e2ee1273c2c8db6bf82b8954a3d16c diff --git a/converters/uudeview/patches/patch-ac b/converters/uudeview/patches/patch-ac new file mode 100644 index 00000000000..13b4606fc7c --- /dev/null +++ b/converters/uudeview/patches/patch-ac @@ -0,0 +1,42 @@ +$NetBSD: patch-ac,v 1.5 2008/06/01 21:49:56 dholland Exp $ + +--- unix/uudeview.c.orig 2003-04-12 19:33:55.000000000 -0400 ++++ unix/uudeview.c 2008-06-01 17:02:31.000000000 -0400 +@@ -31,6 +31,7 @@ + #include <stdio.h> + #include <ctype.h> + #include <signal.h> ++#include <paths.h> + + #ifdef HAVE_FCNTL_H + #include <fcntl.h> +@@ -440,6 +441,7 @@ + { + static char buffer[1024]; + char *stdfile; ++ int targetfd; + FILE *target; + size_t bytes; + int res; +@@ -449,11 +451,20 @@ + return 0; + } + +- if ((stdfile = tempnam (NULL, "uu")) == NULL) { ++ if ((stdfile = strdup (_PATH_TMP "uu.XXXXXX")) == NULL) { + fprintf (stderr, "proc_stdin: cannot get temporary file\n"); + return 0; + } + ++ if ((targetfd = mkstemp (stdfile)) < 0) { ++ fprintf (stderr, "proc_stdin: cannot open temp file %s for writing: %s\n", ++ stdfile, strerror (errno)); ++ _FP_free (stdfile); ++ return 0; ++ } ++ ++ /* file now safely exists, reopen it with the right mode */ ++ close(targetfd); + if ((target = fopen (stdfile, "wb")) == NULL) { + fprintf (stderr, "proc_stdin: cannot open temp file %s for writing: %s\n", + stdfile, strerror (errno)); |