author | dholland <dholland@pkgsrc.org> | 2009-01-26 04:54:50 +0000 |
---|---|---|
committer | dholland <dholland@pkgsrc.org> | 2009-01-26 04:54:50 +0000 |
commit | 47f1b24a06c2ccdeac3b54307f2fa8d9d608fd2c (patch) | |
tree | 53c1431db8fa9ad6f290c60d3fc39f640cc69019 /sysutils/gentoo | |
parent | 31b44b70ac69c66d3020a17bcee2c7f4120f01a9 (diff) | |
download | pkgsrc-47f1b24a06c2ccdeac3b54307f2fa8d9d608fd2c.tar.gz |
Undo the removal of patch-ae in the previous commit, to avoid the
insecure-temporary-files problem patch-ae was supposed to fix.
Provide a new patch-ae that does something more like the right thing.
(The old one tried to open and write to a directory created with
mkdtemp(), so even if this code doesn't fully work it's still an
improvement.)
XXX: compile-tested only, don't have time to do it properly right now...
PKGREVISION++.
Diffstat (limited to 'sysutils/gentoo')
-rw-r--r-- | sysutils/gentoo/Makefile | 4 | ||||
-rw-r--r-- | sysutils/gentoo/distinfo | 3 | ||||
-rw-r--r-- | sysutils/gentoo/patches/patch-ae | 111 |
3 files changed, 115 insertions, 3 deletions
diff --git a/sysutils/gentoo/Makefile b/sysutils/gentoo/Makefile
index 60e1324744f..883055ce524 100644
--- a/sysutils/gentoo/Makefile
+++ b/sysutils/gentoo/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.31 2009/01/25 13:12:44 obache Exp $
+# $NetBSD: Makefile,v 1.32 2009/01/26 04:54:50 dholland Exp $
 DISTNAME= gentoo-0.11.57
-PKGREVISION= 1
+PKGREVISION= 2
 CATEGORIES= sysutils
 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=gentoo/}
diff --git a/sysutils/gentoo/distinfo b/sysutils/gentoo/distinfo
index 02aeddc7efd..f3b25c2959b 100644
--- a/sysutils/gentoo/distinfo
+++ b/sysutils/gentoo/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.24 2009/01/25 13:12:44 obache Exp $
+$NetBSD: distinfo,v 1.25 2009/01/26 04:54:50 dholland Exp $
 SHA1 (gentoo-0.11.57.tar.gz) = ac5859b489a6b88161d5b0f2ddd06490ce9915eb
 RMD160 (gentoo-0.11.57.tar.gz) = 675333aa740f297a0d41d5795689b8e4280d2bdf
@@ -7,6 +7,7 @@ SHA1 (patch-aa) = 5d8f1fcd4110b09e02f44584e2ccd921a7175929
 SHA1 (patch-ab) = e84931dbc57434881f8071e389ebe8df061ee0b6
 SHA1 (patch-ac) = 4e5d52849887b816eb4388fb2c75aefb3443f5c8
 SHA1 (patch-ad) = 7e41b435aff7af5e57bfb82902a6bb88af37ad97
+SHA1 (patch-ae) = 92ddda6d990f7670e0b79cc642981948fdcce348
 SHA1 (patch-af) = 2b80f24bd545177b0d089696e7b3ed7f0d72a3b0
 SHA1 (patch-ag) = 3045a4eb72f8c50d147fe09256ec791359053418
 SHA1 (patch-ah) = c14c80a7c821f69b98cb23156ec5b30ac40ed2ec
diff --git a/sysutils/gentoo/patches/patch-ae b/sysutils/gentoo/patches/patch-ae
new file mode 100644
index 00000000000..e84c78a8005
--- /dev/null
+++ b/sysutils/gentoo/patches/patch-ae
@@ -0,0 +1,111 @@
+$NetBSD: patch-ae,v 1.5 2009/01/26 04:54:50 dholland Exp $
+
+Fix insecure-temp-files. Replaces older nonworking patch with similar
+intent. XXX inadequately tested, lack of time.
+
+Upstream: not sent upstream; inadequately tested, lack of time.
+
+--- src/types.c.orig 2008-07-09 15:51:26.000000000 -0400
++++ src/types.c 2009-01-25 23:36:47.000000000 -0500
+@@ -27,6 +27,7 @@
+ #include <signal.h>
+ #include <sys/wait.h>
+ #include <unistd.h>
++#include <paths.h>
+ 
+ #include <stddef.h>
+ 
+@@ -345,14 +346,18 @@ static FType * match_file(GList *list, D
+ void typ_identify_end(MainInfo *min, const gchar *path)
+ {
+ const GList *here;
+- gchar buf[MAXNAMLEN + 2], *temp_name;
++ gchar buf[MAXNAMLEN + 2];
+ gint fd[2], len, status;
+ pid_t file_pid;
+ FType *type;
++ char tempnamebuf[64];
++ int tempfd;
+ 
+ if(file_list == NULL)
+ return;
+- if((temp_name = tmpnam(NULL)) == NULL)
++ strcpy(tempnamebuf, _PATH_TMP "gentoo.XXXXXX");
++ tempfd = mkstemp(tempnamebuf);
++ if (tempfd < 0)
+ return;
+ if(pipe(fd) != 0)
+ return;
+@@ -360,20 +365,16 @@ void typ_identify_end(MainInfo *min, con
+ file_pid = fork();
+ if(file_pid == 0)
+ {
+- guint bits = 0U;
+-
+- if(close(STDIN_FILENO) == 0)
+- {
+- if(dup(fd[STDIN_FILENO]) == STDIN_FILENO)
+- bits |= (close(fd[STDIN_FILENO]) == 0);
+- }
+- if(close(STDOUT_FILENO) == 0)
+- {
+- if(open(temp_name, O_CREAT | O_RDWR, S_IRWXU) == STDOUT_FILENO)
+- bits |= (close(fd[STDOUT_FILENO]) == 0) << 1;
+- }
+- if(bits == 3U && chdir(path) == 0)
+- execlp("file", "file", "-f", "-", NULL);
++ if (dup2(fd[0], STDIN_FILENO) < 0)
++ _exit(EXIT_FAILURE);
++ if (dup2(tempfd, STDOUT_FILENO) < 0)
++ _exit(EXIT_FAILURE);
++ close(fd[0]);
++ close(fd[1]);
++ close(tempfd);
++ if (chdir(path) < 0)
++ _exit(EXIT_FAILURE);
++ execlp("file", "file", "-f", "-", NULL);
+ _exit(EXIT_FAILURE);
+ }
+ else if(file_pid < 0)
+@@ -382,21 +381,21 @@ void typ_identify_end(MainInfo *min, con
+ return;
+ }
+ /* We don't need the input part of the pipe, so close it. */
+- close(fd[STDIN_FILENO]);
++ close(fd[0]);
+ /* Now, we have file listening on pipe, so write all filenames to it. */
+ for(here = file_list; here != NULL; here = g_list_next(here))
+ {
+ len = g_snprintf(buf, sizeof buf, "%s\n", DP_SEL_NAME(here));
+- write(fd[STDOUT_FILENO], buf, len);
++ write(fd[1], buf, len);
+ }
+- close(fd[STDOUT_FILENO]);
++ close(fd[1]);
+ waitpid(file_pid, &status, 0);
+ 
+ if(WIFEXITED(status))
+ {
+ FILE *in;
+ 
+- if((in = fopen(temp_name, "rt")) != NULL)
++ if((in = fdopen(tempfd, "rt")) != NULL)
+ {
+ const gchar *fout;
+ gchar line[MAXNAMLEN + 256];
+@@ -412,10 +411,14 @@ void typ_identify_end(MainInfo *min, con
+ }
+ fclose(in);
+ }
++ else
++ close(tempfd);
+ }
++ else
++ close(tempfd);
+ g_list_free(file_list);
+ file_list = NULL;
+- remove(temp_name);
++ remove(tempnamebuf);
+ }
+ 
+ /* ----------------------------------------------------------------------------------------- */ |
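Review bot: The parent hands `fdopen(tempfd, "rt")` a descriptor whose open file description it shares with the child: the child's `dup2(tempfd, STDOUT_FILENO)` writes `file`'s output through that same description, so by the time `waitpid()` returns the shared offset is at end-of-file and the parent's reads from `in` start at EOF (the read loop itself is hidden by the inner hunk's context, so this is inferred from the visible lines). The replaced `fopen(temp_name, "rt")` started at offset 0, so the new code needs an explicit rewind before reading, e.g. `if (lseek(tempfd, 0, SEEK_SET) == 0 && (in = fdopen(tempfd, "rt")) != NULL)`. Separately, the `pipe(fd) != 0` and `file_pid < 0` early returns leave `tempfd` open and the `mkstemp()` file on disk; since nothing after creation uses the name, an `unlink(tempnamebuf);` immediately after the `tempfd < 0` check makes the file unreachable by name on every path, lets the final `remove(tempnamebuf)` go, and leaves only a `close(tempfd)` to add before each of those two `return`s. The `fdopen` branch is consistent as written: `fclose(in)` owns the descriptor on success and the `else close(tempfd)` arms cover the failure cases.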